Spam Prevention Strategy

Despite the best efforts of the brightest minds on the Internet, spam isn’t going away anytime soon. (We just haven’t figured out how to deliver electric shock over the Internet yet.) And to be most effective at blocking it, you may need to apply a variety of techniques.

Bad Behavior is completely different from any other anti-spam solution out there, in that it doesn’t specifically target spam itself. Rather, it targets the methods by which the spam is delivered. Until I released the first version in 2005, this approach had never been tried. It proved very effective at stopping a lot of malicious activity, not just spam: It also blocks many email address harvesters, meaning less e-mail spam, and some types of automated cracking attempts, improving your server’s security.

While a somewhat similar solution called mod_security exists, it has a rather different purpose, doesn’t target spam, and regular people can’t install mod_security on their shared web hosting accounts. Bad Behavior blocks spam as well as other malicious activity and can be installed by anyone.

On some high traffic sites, or those specifically targeted by spammers, the traffic from these spam attacks can be so excessive as to exceed your account’s bandwidth limits, or overload the server, and cause your account to be suspended. Bad Behavior helps to prevent both of these situations by blocking malicious activity as soon as possible, before either bandwidth or CPU are expended on a request which will turn out to be bogus.

But because Bad Behavior intends to block no legitimate users whatsoever, it must necessarily let some things pass. Consider it your first line of defense, and back it up with a secondary line of defense in the form of a more traditional anti-spam tool for your platform. For WordPress, this can include Akismet or Spam Karma 2.

You absolutely should use both, as what will happen if you use only the secondary line of defense is that your administrative screen will rapidly fill with so much spam that you won’t be able to find and recover the occasional legitimate comment that those tools block. By blocking most spammers before you ever see it, the amount of garbage you have to sift through to find legitimate comments, or the number of edits you have to revert on your wiki, is greatly reduced.

In this way Bad Behavior saves you time and frustration and gives you peace of mind by turning spam from a colossal nightmare into, well, not much at all.