G'day all,

For those of you using K2, you would be aware that comments can be made available on every category and not just blog posts.

I have just had an incident with one account that will require further investigation. Our server had been acting up and even crashing over the last few days. Process logs indicated one account seemed to be using more resources than others.

When I looked at the account, I noticed that their mySQL files were taking up something like 180Mb of their space which was quite ridiculous. Further investigation in the database showed that there were around 170,000 records in the jos_k2_comments table. This was NOT reflected in visitor numbers, so I can only assume a bot attack on the site.

I have deleted all the records from the table and turned comments off for the moment. The next step will be to implement recaptcha which should of been done when the site was setup. Obviously an oversight. The other oversight was that admin approval be required before any comments would appear on the site. (This is all done in the Parameters area of K2)

Next step will be to further investigate the problem of not being notified on comments being posted to sites using K2. I have been aware of this for sometime, but for accounts waiting for quality comments to be approved. If anyone is aware of a K2 comment notification extension or solution to this problem, then I would be pleased to hear it. In the meantime, I hope that my publication of this issue might avert a similar issue on someone else's site.

Cheers,

I scrapped the k2 commenting feature and replaced it with Disqus and Intense Debate.

Better features, better social networking and no spam but there are a few downsides.

@buipy001 The downsides being?????

UPDATE
Despite a few tweets, I have had no response to this issue. Simon Wells of K2Joom fame has written an extension for K2 which will notify you of comments, but only to one email address. It also overwrites the K2 core code. Simon had intended to release an updated version of this but apparently has had some health issues. In the meantime, I keep looking for an answer as comments, where legitimate are fantastic for a site in building interactivity.

Well the main downside to using Intensdebate or Disqus is that they're all JS driven and pull data in from other websites and servers.

so:

1) You're relying on the reliability of these other servers that hold your data. It is also a free service so I can't see how they are funding themselves to keep all of the data around.


I also thought that Google couldn't read the comments but it actually can. I just did a test on one of my pages and Google Picks up the content within the JS disqus comments just fine.

Which is the whole purpose of using comments. Providing they are relevant to the page topic, they are adding valuable content to your site, which Google loves.

I thought it couldn't originally but for the added social networking, reactions tracking etc I thought it really outweighed the lost of SEO. Actually having people comment and not spammers was a good benefit.

but yeh, Disqus does get google crawlled and has all of the social networking bells and whistles.

Peter

Just an update.

Server still being hammered by bots trying to make comments on a few sites. It was so bad today they actually crashed the server. I've just been manually trolling access logs for two accounts and comparing common IP addresses. I've come up with six initially that I've blocked in the server firewall. Unfortunately, it is no doubt a bot doing this and I suspect the IPs I've identified are just relays and not the originating one anyway.

We'll see what happens next.

wow turn it off ric!

Can't have a site crashing a server and blocking their IP addresses won't do anything. Site lists are usually shared by spammers.

It is better to kill off the comments on the site so that it is taken off the spammers list of sites.

You don't want to move to instense debate or disqus?

Peter

Comments have been turned off Peter, but the attacks keep coming. The initial denial of 6 IP addresses has shown a good decline overnight and also made others more visible. I have just banned a further 7 IPs from Germany and Russia. With any luck this might be the end of it.

I will keep checking the access logs of the main site being attacked to pick out more offenders and keep adding them to the csf.deny file.

This is definitely NOT fun!

yeh it will die off.

I was just about to ask if you have access to CSF

Good luck! Sounds like you're getting there!