We’ve been hard at work on version 3.0 of the Akismet plugin for WordPress. It’s a major rewrite of the plugin code that includes a new configuration page, improved signup and activation, and some new features. We’ve shed most of the legacy code that was maintained for backwards compatibility with ancient versions of WordPress, and redesigned the code so we can bring you new features in coming months.
Since it’s a major change from previous versions, we could use your help testing the new plugin before its final release. If you’re comfortable manually installing a plugin in WordPress, you can download akismet.3.0.0-RC1.zip or use the 3.0.0-RC1 tag in the Subversion repository.
Try it out and tell us what you think – we have some exclusive Akismet swag for those who send bug reports and the most helpful feedback. Bug reports and detailed feedback is best sent via our contact form. You can leave general public feedback in comments below or on Twitter.
If you’re not sure how to install the plugin manually, or you’re not willing to run pre-release code on your site, we recommend waiting for the final release, which we expect to coincide with next week’s launch of WordPress 3.9.
The Akismet plugin version 2.6.0 for WordPress is now available.
It includes some incremental bugfixes since 2.5.9, plus some security and anti-spam improvements to how pingbacks work. Key changes since the last release:
- Fix bug in link to spam comments from right now dashboard widget.
- Fix bug with deleting old comments to avoid timeouts dealing with large volumes of comments.
- Include X-Pingback-Forwarded-For header in outbound WordPress pingback verifications.
- Add a pre-check for pingbacks, to stop spam before an outbound verification request is made.
There was a news cycle a few days ago about “WordPress pingbacks being used to DDOS sites” which had a lot of misinformation and hyperbole, but there were two valid issues which the last two bullet points address: anti-spam checks were done after a pingback was verified, and WP didn’t pass on who made the request that caused it to verify a pingback (effectively cloaking the true source). This update to Akismet addresses both, and we think a similar approach may be appropriate for core in a future release.
To update, just visit the Updates tab of your WordPress dashboard.
There was a partial outage today that affected the Akismet API.
Starting around 21:53 UTC a network issue caused approximately 10% of API calls to fail. Our systems team routed traffic to alternate servers and the network problem was fixed. The partial outage lasted 20 minutes.
The WordPress Akismet plugin will automatically re-try any comments that were not correctly filtered as a result of the problem.
The API is now back to normal and responding to all traffic.
Looking forward to a hitch-free 2014?
Spam protection and loss prevention are on everyone’s list of must-have WordPress tools. We think they naturally go hand-in-hand — and today, we’re excited to announce that you can take care of both these essentials with a single subscription.
We’re pleased to offer a new bundle subscription that includes both the spam-zapping brilliance of Akismet Professional and the fantastic VaultPress Lite service, with its daily backups, 30-day archive, and one-click automated restores.
Along with the uncompromising spam protection that Akismet provides, you can now guarantee the safety of all your WordPress content, from database tables and plugins to themes and uploads — with VaultPress, your entire WordPress installation is safe and sound. You can choose a monthly subscription ($9 per month), or save $15/year by opting for an annual subscription ($99). Separately, the subscriptions would run you $10 per month or $114 per year.
The signup and activation process is simple and seamless. Make it your New Year’s resolution to grab the bundle, and stop worrying about annoying spam, asteroid strikes, extraterrestrial attacks, or unintentional mistakes after those long nights of blogging. You can sign up on our plans page.
If you have any questions about the bundle, please feel free to get in touch with us via akismet.com/contact. We’re always ready and happy to help.
As 2013 draws to a close, we at Akismet would like to let you know just what we’ve been up to — and, of course, wish you a very happy holiday season.
For the abridged version, we’ve prepared a nifty infographic illustrating the year that was:
There was an API outage on November 28th. Switch failures led to cascading problems that took approximately 50 minutes to stabilize.
At 04:19 UTC on the 28th November, a switch began failing. Traffic was routed to an alternate data center. Unfortunately a software bug meant that those servers were attempting to write to a master server in the first data center, and so those servers stalled. As a result from 04:20 UTC to 04:38 UTC the API was not responding.
Between 04:38 UTC and 05:01 UTC we deployed a series of fixes. Availability was between 95% and 50% during that time. The switch came back online at 05:11 UTC and availability returned to 100%.
At 07:20 UTC another switch failed, which caused a very brief outage and availability dropped to 60% during that time. This time however, traffic switched over to an alternate data center and by 07:32 UTC, the API returned to 100% availability.
WordPress users will have seen messages indicating that spam comments were temporarily held in the moderation queue during the outage. The Akismet plugin will re-try those now that the API is back up.
We’ve fixed several software problems already as a result of the failure. We’ve also identified some systems and software improvements that will prevent the same condition from happening in future, and we’re working to get those in place as soon as possible.
We experienced a partial API outage between 09:35 and 12:05 UTC on November 25th.
There was a sudden surge in spam traffic, on top of spam volumes that were already unusually high. One of our data centers began dropping some API calls, and responding slowly to others. Our systems team routed all traffic to another data center, and after a few minutes the load was stabilised. We estimate availability was 50-60% for the first hour, then 70% and up.
Availability has been back to normal since 12:05 UTC, November 25th.
Clients with a re-try feature – including all recent versions of the Akismet plugin for WordPress – will have automatically re-checked any comments that were missed due to the disruption.
Our systems team has identified the components that failed under load, and we’re working on an improved architecture that will allow a quicker response to unusually heavy loads.
Spam levels remain unusually high. The API is handling it comfortably now.
We often hear from Akismet users on WordPress that, even after activating our plugin, they are being flooded with spam via their contact forms. While Akismet will automatically begin checking all comments submitted on your post and page comment forms, we can’t simply hook into any contact form plugin (or theme) and handle those submissions, as well. The good news is that there are some really great (and free!) contact form plugins out there that include Akismet integration, and we thought that we’d let you know about them in case you’re in the market.
Jetpack by WordPress.com
Although Jetpack brings you a ton of other features that are native to WordPress.com, it includes a simple and powerful contact form module that is automatically integrated with the Akismet service. You’ll also notice that the submission queue has been designed to mirror the native WordPress comment queue as closely as possible to ensure ease of use and moderation. What’s more, Jetpack and Akismet are developed under the same roof by Automattic, which means that you can rest easy knowing that the integration is as tight as possible.
Contact Form 7
Another powerful – and ever so popular – option is Contact Form 7 by Takayuki Miyoshi. It boasts a great amount of flexibility, some really nifty features, is surprisingly easy to configure, and has been downloaded over 12 million times. Setting up the plugin to send data to our service will take some manual configuration, but the steps are fairly simple and are clearly outlined here.
Fast Secure Contact Form
If you’re looking for an incredible amount of options and still wish to have the peace of mind that Akismet is checking form submissions, Fast Secure Contact Form by Mike Challis may be a plugin to explore. The plugin even allows you to customize how Akismet handles spam submissions and includes customizable CAPTCHA as an additional line of defense.
Note that, with all of the plugins mentioned above, you will need to have Akismet installed and activated for the integration to work. And while we are unable to provide technical support for Contact Form 7 or FS Contact Form, we’re always more than happy to help you through any potential problems with Akismet functionality. Give us a shout!