“Your account is consuming about 10.66% of CPU resources on a shared server, which is not a fair share,” the message said.

“We had no choice but to block the web access of following script to stabilize the server. Because resources are shared, I’m sure you can understand that we need to take action if one site is causing downtime for dozens of other sites.”

I actually don’t fully understand why the site was suspended without warning, but that’s another issue. Being at the cricket I had no way of taking immediate remedial action anyhow.

According to Google Analytics, this site receives about 300 visitors per day, which by itself should not consume excessive server resources.

However, it’s always good to keep the house tidy so I was happy to review and implement several measures.

1) Once at home I installed WP Super Cache. This plugin generates static html files from a dynamic WordPress blog. After a html file is generated, the web server will serve that file instead of processing the comparatively heavier and more expensive WordPress PHP scripts.

As it currently stands, about 24 hours after my site was restored, the cache holds 9.89MB with 13 pages and 124 expired pages.

2) I also installed the WP Smush.it plugin and smushed all my images.

Smush.it uses optimization techniques specific to image format to remove unnecessary bytes from image files. It is a “lossless” tool, which means it optimizes the images without changing their look or visual quality.

It took about an hour to bulk process all my pictures, and I noticed that most were being reduced in size by around 30 percent.

3) I deleted post revisions from the database and optimized the database.

4) I removed the Daily Stats plugin, which may or may not have been adding to server load. It certainly had a hefty database table of 2MB, which I deleted.

5) I removed several inactive plugins.

Bad Behavior plugin

6) Late yesterday I installed the Bad Behavior plugin. I had used this plugin previously, but encountered some problems with it. So far, it’s working okay this time.

Bad Behavior works by screening all requests to block email harvesters and malicious robots.

Bad Behavior analyses the HTTP headers, IP address and other metadata regarding the request to determine if it is spammy or malicious.

In just under 24 hours, Bad Behavior has blocked 839 attempted visits. That seems an extraordinary number and is probably why the system resources are being strained. An example of the log is pictured below.

According to the FAQ: “By preventing spambots and other malicious bots from ever accessing any of your pages, your bandwidth usage and server load will drop significantly. How much depends on how many malicious bots visit your site regularly. It can also help prevent a denial of service where your Web host shuts off your account because spambots were using up all the available resources.”

That’s what I want to achieve, of course, a reduction in use of system resources.

Site5 emailed me again this morning to say there has been an improvement in that regard, down to 6.81 percent, but more needs to be done.

I’m hoping that if Bad Behavior does its job, there will be a more significant reduction in the next couple of days.

If anyone has encountered any difficulty using this site, please let me know.

The latest stats show that Akismet has blocked 81,016 spam comments for an accuracy rate of 99.83 percent. Good work!

“Your blog will be deleted in 20 days if it isn’t reviewed, and your readers will see a warning page during this time. After we receive your request, we’ll review your blog and unlock it within two business days. Once we have reviewed and determined your blog is not spam, the blog will be unlocked and the message in your Blogger dashboard will no longer be displayed. If this blog doesn’t belong to you, you don’t have to do anything, and any other blogs you may have won’t be affected.”

The Blogger Team said they find spam by using an automated classifier.

“Automatic spam detection is inherently fuzzy, and occasionally a blog like yours is flagged incorrectly,” the email says.

“We sincerely apologize for this error. By using this kind of system, however, we can dedicate more storage, bandwidth, and engineering resources to bloggers like you instead of to spammers.”

It’s all a bit strange really.

The help page explains how spam blogs are detected, and I can’t see why mine has been caught in this trap.

They say link spammers “can be recognized by their irrelevant, repetitive, or nonsensical text, along with a large number of links, usually all pointing to a single site”.

An archive of my editorials?

I’ve asked for a review, of course, and it will be interesting to see how long that takes.

Meanwhile, it’s all a little disconcerting.

If the case of mistaken identity isn’t sorted out within a week I’ll shift the site to WordPress or host the content myself.

Update: My site was given the all clear to continue.

Purporting to be from the email address refund@ato.com.au it said I was entitled to a $250 refund on my Visa or Mastercard.

I knew it was fraudulent immediately, of course. The ATO doesn’t have my Yahoo! address, doesn’t communicate by unsolicited email and doesn’t give refunds on credit cards.

Also, I had seen a media release from the Tax Office on a different but related scam.

The Tax Office is warning people to be wary of a fraudulent email being circulated that claims to offer a 30% discount on their taxes. The email uses the Tax Office logo and the words ‘Cut Off Taxes Program (COTP) has been released – Join Now’ in the subject heading …

The subject heading in my email was “Message from the Australian Government”.

This article in The Age suggests the dodgy ATO emails are now common.

The scam ATO email, which promises a $250 bonus on top of a tax return, links the taxpayer to an online form that asks for personal details including ATM pin, credit card details and tax file number. Instead of submitting the form online, the website asks for a printed version to be mailed to an address.

While on one hand these scams are getting more sophisticated, they might suck more people in if they employed someone who speaks English.

My email asked me to complete the “formular”.

I’m not even a customer of the Commonwealth Bank.

But every message needs to be read and marked as spam, which wastes time and effort.

I like to read emails straight away, and as soon as I get an alert there’s a new message I tend to visit the inbox and read it. These are some of the recent emails:

Sent by customer@commbank.com.au

Dear CommonWealth Bank Account Holder ,

We are currently updating our online banking services , and due to this upgrade we sincerely call your attention to follow below link and confirm your online account details . Failure to confirm the online banking details will suspend you from accesing your account online . Due to this , you are requested to follow the provided steps and confirm your Online Banking details for the safety of your accounts .

link deleted *

* We use the latest security SSL measures to ensure that your online banking experience is safe and secure. The administration asks you to accept our apologies for the inconvenience caused and expresses gratitude for cooperation .

Thank you for your cooperation ,
CommonWealth Bank Group

Sent by qjrrjp@google.com.au

Dear Commonwealth Bank member,

You have received this email because you or someone had used your account from different locations. For security purpose, we are required to open an investigation into this matter.

In order to safeguard your account, we require that you confirm your online banking details.

The help speed up to this process, please access the following link so we can complete the verification of your Commonwealth Online Banking account registration information.

link deleted

If we do not receive the appropriate account verification within 48 hours, then we will assume this Commonwealth account is fraudulent and will be suspended.

The purpose of this verification is to ensure that your bank account has not been fraudulently used and to combat the fraud from our community.

Sent by security@commbank.com.au

Dear Customer,

Your NetBank access has been locked as a result of too many incorrect logon attempts.

In order to re-activate, please LOG ON to your NetBank account and follow the steps.

Sincerly,
Commonwealth Bank of Australia Customer Services

Sent by admin@common.net

Dear Valued Customer,

This email is your official notification from Commonwealth Bank .Your online NetBank has expired on 25-05-2009 ,if you want to continue using our service you have to renew your acount if not your account will be deactivated and deleted

To continue please click the link below:

link deleted

Many Thanks and Kind Regards – Commonwealth Bank Customer Department

© Commonwealth Bank of Australia 2009 ABN 48 123 123 124

Final comment: Poorly written using dodgy email addresses, but very annoying.

It surprises me they’re getting through the Google and Yahoo! spam filters.

I don’t imagine the bank is too happy about what’s going on either. They say:

Hoax Emails – There are a large number of spam emails being sent to customers claiming to be from the Bank. Do not be duped. DO NOT CLICK LINKS IN THESE EMAILS NO MATTER HOW GENUINE THEY MAY LOOK. To check if an email is genuine a copy will be available in NetBank for viewing. If you suspect you have received a spam email, please forward it as an attachment to hoax@cba.com.au and then delete the email.

According to Spam Fighter, the bank last year alerted federal authorities. While the e-mails’ origin is not clear, it said the messages seemed to be “international”.

Top of the list was an email from Katrina Madelyn offering me drugs from a Canadian pharmacy, including Viagra and others I had never head of like Flomax and Rockit247. ViagraOralJelly sounds interesting.

Nestor Sheppard, whose email address is ColbyaffinitySheppard@wowhead.com, wrote: “A top team of British scientists and medical doctors have worked to develop the state-of-the-art penis enlargement patch delivery system which automatically increases penis size up to 3-4 full inches.”

Estele Engle wants to date me: “I’m a pretty woman, brunette with brown eyes, and I’m looking for an intelligent man to communicate by email, Skype, or on real dates!”

Astrology.com thinks I’m gay: “A psychic can help you get inside his mind – so that you can win back his heart.” Wrong!

Natalia asks me: “Are you unlucky in finding a perfect wife?” and links me to a Russian site.

etc …

I really like Google’s spam filter.

Unfortunately, when it triggered a captcha for suspicious posts those people were having trouble.

I’m now using reCAPTCHA. I’ve seen it on a lot of sites and didn’t realise until today there was a WordPress plugin.

I recall checking it out several months ago and thought it was too complicated to install. It’s very easy now.

However, I had a report from someone whose email address the system considered suspicious (something like name@name.com), the captcha check was hard to read and the audio tool didn’t work at all.

In trying to investigate the problem I accidentally deleted about 20 recent comments. Doh!

I posted in the Mollom forums and they have acknowledged the audio issue, but gave no timeframe on a solution. So until it’s fixed I have gone back to Defensio.

The problem with Akismet and Defensio is they sometimes block genuine comments. Manual checking is the only way to find out.

On days when my sites are flooded with spam, that has meant scanning through up to 100 comments.

Mollom takes a different approach and refers potentially dodgy comments to a CAPTCHA challenge. If the visitor is human the comment will get through; if not it’s banished.

When new content is analyzed by Mollom’s intelligent text-analysis filter, and Mollom is unsure whether it is ham or spam, it asks the user to answer a CAPTCHA challenge. This challenge-response procedure will never block human users, and it allows us to set very tight spam filters and prevent almost all spam from getting through.

This takes the hassle out of comment screening.

The service is free for up to 100 legitimate comment posts per day, and even with the newspaper site, I’m unlikely to face that dilemma.

Another problem I had with the newspaper site was comment notification. I use a plugin because the inbuilt WordPress system doesn’t work for some reason I have never established.

The plugin notifies me of all comments held for moderation, including spam until Mollom.

Since installing Mollom I have only received email alerts for genuine comments. The stats show that 14 comments have been seamlessly blocked here and 10 at The Border Watch in less than a day without me needing to check them.

My first layer of protection on this WordPress site is Akismet. When a new comment, trackback, or pingback comes to the site it is submitted to the Akismet web service which runs hundreds of tests on the comment and returns a thumbs up or thumbs down.

When the plugin catches something as spam it saves it in the database for 15 days in case I want to check it out manually and then automatically deletes it.

It has been known for Akismet to make false identifications. I used to scan the captured spam to check and as the numbers skyrocketed this became rather cumbersome.

I then installed the Bad Behavior plugin as an extra guard. It is a set of PHP scripts which prevents spambots from accessing the site by analyzing their actual HTTP requests and comparing them to profiles from known spambots. Bad Behavior blocks spambots with a short error message, so most of them don’t even make it through.

On the footer of this site you will see a note saying how many spam attempts have been blocked — 1371 in seven days as I write this.

Despite these two powerful spam fighters I was still having to screen 30 or 40 messages a day in Akismet.

I then added Ravens’ Antispam plugin and it’s reduced the attacks to zero. It uses javascript in a clever way I can’t explain to fool the spambots. Apparently bots can’t read javascript. If a user comes here without a java-enabled browser they will need to complete an extra text input field to make a comment.

It’s a war of attrition but for the moment I’m winning thanks to the smart people in the WordPress community.