I have a two wordpress sites that have received 1000’s of emails in the last few days from the same people promoting some cruddy website promoting fake goods.
Is there a way to stop this ( free ) ? It’s taking over my inbox…
Do you mean emails via the contact form?
If so you could try a more complicated captcha (e.g. an image-based one) to see if that makes a difference.
Let me elaborate: what I mean by “more complicated”, is something that might not be so easy to crack.
Your current captcha asks the user to add two numbers, e.g. 6 + 11.
I don’t know much about how spam bots work, but in JavaScript you could just type eval("6+11") to get the correct answer.
Also, another good method I heard of to avoid spam on contact forms, is to create a hidden field (i.e. a normal text input field that you move off of the screen with left:-9999em or something.
This will be invisible to normal users, but visible to spam bots, who generally won’t be able to resist filling it out.
You can then filter mails on the basis of those which contain an entry in this field.
I’m not sure of the correct name / implementation of this, but I’m sure that you’ll be able to find something on Google.
I’ve lost touch with WordPress, but on some comment systems, the IP address of the spammer is recorded—which then allows you to ban that IP address from your site. Although I suspect you’d find that these spam attacks are coming from multiple IP addresses. There may be a WP add-on to help prevent bot attacks—something like what Pullo mentioned. I’ve also found that if you turn off commenting for a few days and then turn it back on again, the current spammers have gone away, but it’s no guarantee. When I did use WP, I was using Akismet (something you set up through WP.com). Are you using that?