Sorry, gang. Some doofuses are sending spam comments into my server (and a few other things, it seems) at a rate that’s too fast for Apache to keep up. As a result, Apache just seems to hang and become unresponsive.
Unable to detect when an incoming request is a valid commenter before passing the request on to WordPress’ comment processing system, leaving this unchecked takes down the whole server within a minute or two. There’s nothing to do about it but research the incoming requests and, in the meantime, disable the comment form. Rather, the thing that processes the comments for WordPress.
One of the giant frustrating sore spots in WordPress’ architecture is the way it processes comments. It requires (if you have no other special code in place) that all of your comments funnel through a single file URL. Spam scripts simply feed that URL whatever spam they want and they don’t have to throttle. It doesn’t matter what they send, and they don’t care whether it’s successful or not. WordPress will attempt to process all of the spam that comes into that file.
It doesn’t matter what I run behind that URL. It could be nothing, it could be the lauded “Akismet” plugin, it doesn’t matter. In fact, the more processing - the more delay - the worse it gets. Waiting for an external server is the worst. Making that additional outgoing connection in an environment where incoming connections are much of the cause of the problem seems like a bad idea.
The only way out of this predicament that I see is to write a new plugin that lets me put the form processing somewhere other than what will trigger processing and cause a bottleneck. How annoying.
Anyway, enough complaining over something that I have no influence to change.
The bottom line is, no commenting for a while. I’ll figure things out and turn commenting back on. Yes, I know you’re getting a 403 - thanks to everyone who emailed to let me know. I did exactly that on purpose. Sorry.
I think the solution may be something more drastic than a simple plugin in the end. .htaccess changes? New Apache modules? Something else entirely? I’d ask for suggestions, but the comments aren’t running…
