A harsh step to take but I would like to see some geo IP blocking, banning, suspending, etc....
Most of our spam comes from China, I have no business in China, if all of their traffic was dropped it would stop a lot of spam and save some bandwidth.
There are various methods to achieve this I know.
I saw a recent plugin which helps control content per country: http://pranavrastogi.com/projects/plugins/gt-geotargeting/ Perhaps something similar can be achieved on a global scale?
Another interesting link: http://www.howtodowebmarketing.com/2011/02/08/geo-targeting-for-wordpress-part-1-of-3/
I'd also like to recommend you take a look at a plugin which I use on ImpressCMS, just for some ideas, it helps handle some attacks as to strengthen security:
Anti splog could be so much more!
Protects from various kind of attacks like:
- Bad Crawlers (like bots collecting e-mails...)
- SQL Injection
- XSS (not all though)
- System globals pollution
- Session hi-jacking
- Directory Traversal
- Some kind of CSRF (fatal in XOOPS <= 18.104.22.168)
- Brute Force
- Camouflaged Image File Uploading (== IE Content-Type XSS)
- Executable File Uploading Attack
- XMLRPC's eval() and SQL Injection Attacks
- SPAMs for comment, trackback etc.
It records into its log.
This could help defend against poorly coded themes and plugins, F5 attacks (bruteforce), etc, etc.
As a side question, what do all you guys do? Tolerate it? Block it? Something else?
Yeah so as a feature request, could Anti-Splog be more?