The recent attack on WordPress sites has made me look harder at visitors to this site. It turns out that along with the real visitors, there are a lot of b*st*rds. I am taking steps to exclude the b*st*rds.
It is absolutely amazing to me how many times robots or other trolls attempt to send spam to this account, particularly given how obscure it is. This of course is not just a problem on my site – it’s a fact of daily internet life. In statistical terms, the majority of traffic on the internet is malicious. It’s pretty much the same as if you were walking down the street, and 8 out of 10 people you passed tried to pick your pocket, or plaster an advert on your chest. I hadn’t appreciated this until I examined my user logs in detail. Mostly we just take steps to screen out the spammers and trolls, but that’s sort of like solving the crime problem by employing a bodyguard. Not a good plan for the longer term. I think eventually something will have to be done – and this probably will involve losing the treasured Internet principle of anonymity. Eventually it will go this way – just as we no longer complain (in the UK at least) about surveillance cameras everywhere, and most of the rest of the world has no issue with ID cards.
Anyway, to improve security, and to provide decent information about the actual humans who come to the site, I have installed some more sophisticated security tools. One of these identifies those who failed the “Captcha” test. This is the very very irritating box of more or less illegible characters that you have to decipher to be able to send a comment or message. It’s used in many commercial sites, and like you, I find it frustrating and often impossible to use. But I now understand why it is used. Without Captcha boxes, automatic internet trolls fill in the details and get to fill your system with spam. The difference with and without it is huge. I had removed the need for the test on post comments, but reluctantly I am now having to put them back.
In addition, I now block all IP addresses that I don’t like, and specifically that fail the “Captcha” test, so they can’t come back and irritate me or clog up site access This not only reduces the number of b*st*rds getting through, it also gives me better information about real people visiting the site.
That may, rarely, mean that some people are unfairly denied access. If you think that may be the case for you, visit on a different computer, and send me an email (requires you pass the Captcha test again), and I’ll remove the block.