I’ve just had to put CAPTCHA on the blog comments here, because of too much spam. The spam filters are fine, but there was just too much spam being added.
Part of the problem was that BlogEngine.NET’s SQL provider deletes a post (!) before re-adding it, with every comment, all over again. So to add a new comment, every other comment on that post is deleted and re-added. To delete a comment, the same thing happens. With over 20,000 spam comments (and about 15 genuine ones), deleting comments was going to be a problem (and slow as hell!)
I was only really bothered by this when my hosting company informed me I was over quota – about 2.5GB over my 1GB limit. I traced this to the database, and after (manually) clearing out the spam comments, couldn’t fathom why it was still too high. The database itself was only about 6MB (as a backup file).
It turns out all that database activity was being logged, and the log file was over 3GB. So I can’t just allow rampant spamming, even though the filters were really pretty clever.
At some point, I intend to re-write the SQL provider for this blog that will help me keep that sort of thing to a minimum – I was gobsmacked when I realised that if I edit a post (for example, to correct a mis-spelled word, add a tag, etc) every comment was deleted and re-added. Even to add a comment, every comment is deleted and re-added. Surely, that’s not necessary… but I have other projects to get out of the way first. Maybe a resolution for next year?