I disabled Bad Behavior a while back because I discovered that it didn’t play well with my caching plugin.1 Since then I’ve only been running Akismet, which has been working great. Unfortunately, the problem is that while Akismet filters through spam that get submitted, it doesn’t actually stop spam bots from submitting in the first place, which is what Bad Behavior did. This is important because part of what NearlyFreeSpeech bills is resource usage.

I found a plugin called Anti-spam that works as a “hidden captcha” of sorts. Working on the assumption that spam bots don’t execute JavaScript, it adds an extra field to the comment form. This field is invisible if you have JavaScript enabled, and if you don’t, it asks you a human-answerable question.

The effects have been pretty great. Normally I wake up to around 100-150 spam comments waiting for me, but this morning I found a grand total of… 0. It also let a legitimate comment through in the meantime, no problem.

Whether you get charged for resource usage or not, I would highly recommend installing Anti-spam or a similar plugin. Just the simple defense of not letting spam comments through in the first place take a great load off of the server, since otherwise it would have to process and screen every single one. Ideally, I would run Bad Behavior in combination with Anti-spam, if it worked with my caching setup.

  1. The IP of whoever visited when the cache was being generated would end up hard coded in the <head> of the document, which resulted in people with various IPs who visited having the original visitor’s IP in the Bad Behavior check.