Of late, the blog has been getting 500 hits per day, with 60-ish on the main page and 30-ish on the post of the day. The “Hot Topics” posts (over in the right column, down a bit) account for a scant hundred more hits, with the remaining 300 hits distributed in onesies and twosies along the very, very long tail of 4200 posts.
Then this happened:
It seems a spammer noticed my posting activity and unleashed either a script or, more dismally, a stable of low-wage third-world workers to make a comment on every single post in the blog.
The Akismet scanner flagged three dozen comments made on the most recent posts, with the remaining 4500 (!) page views producing zero comments, because, some years back, I had disabled comments on posts older than a few dozen days. I disliked doing so, because I value comments from folks who contribute to the discussion, but …
The IP addresses seem to point back to compromised servers and pwned Windows boxes in the US, with very few foreign sources. The comments themselves consist of the usual gibberish, often run through a thesaurus (known as “spinning”) to improve the odds of evading the detectors. The payload seems to be the URLs attached to the random user names, all pointing to sites touting Vietnamese (!) scams, Russian pharmaceutical sources, online gambling dens, and the like.
And then, after two days, it was over.
Which is why I really really do not want to manage my own blog infrastructure, infuriating as WordPress-dot-com’s editor might be.