I have been getting multiple spam attempts on my wordpress blog in the comments section of my blog. These comments have not made it publicly to my blog because I have personally approve each users first comment before they can post a comment. All spam so far seems to come from automated attacks, and the attacks are daily by the same IP address. I have finally decided to do something about this.
I followed this post, http://www.wpoptimus.com/912/ban-ip-addresses-login-wordpress-dashboard/, and installed the plugins WP-Ban, and Login Security Solution.
Anti-spam has worked great and requires the least effort. wp-ban works but requires you to manually block ips or domain names. I recommend starting with Anti-spam and only add wp-ban if needed. Anti-spam prevents bots (computer programs) from writing comments on your site. I have never had a real human leave a comment on my site. My site is configured that I have to manually approve the first comment by a person before it becomes visible on my site. Now that I have Anti-spam, my comments page is not filled up with spammers anymore. I like Anti-spam so much that I am giving them a donation.
Preventing Login Attacks
I have also added the login-security-solution plugin to block brute force login attacks. Its description is: “Security against brute force attacks by tracking IP, name, password; requiring very strong passwords. Idle timeout. Maintenance mode lockdown.”