A visitor reported that he was seeing PHP errors on my Contact Form page, and was good enough to forward what he saw. It was caused by my anti-spam plugin, so I’m trying a different one. Eye-glazingly geeky notes follow, so beware!
I am not sure how frequently these errors occur, or what the cause is; this is the first time anyone has reported it. The cause might be due to live configuration changes that are made on the web host, or there is some problem with PHP (running as FastCGI) under certain load conditions. In any case, it’s an irking problem, and this motivated me to try a different anti-spam plugin: Bad Behavior.
I’d heard a lot of good things about it, and installation went without a hitch. Its claim to fame: it apparently stops comment spammers from even reaching the webpage, which theoretically helps lower bandwidth. WP-HashCash, on the other hand, does its verification after a comment is submitted. And it seems to occassionally generate those session_start errors, which is why I dumped it. It probably isn’t the fault of the plugin, but I’m not quite ready to rebuild my website server environment.
WP-HashCash, however, seems to be more effective. When I had it installed, it blocked all spam comments (version 2.3, which isn’t even the most recent one). I forgot that comment spam existed. After I switched to Bad Behavior, I was shocked (and ticked off) when I saw spam comments appear in my moderation queue. To be fair, I’ve only gotten 7, out of about 337 reported attempts. I’m going to run it for a few more days and try switching back to WP-HashCash to see if it’s just a coincidence…who knows, maybe there’s a new spambot in town.
To see how many attempts were made, I used the Bad Behavior Stats plugin: it interfaces with the Bad Behavior database table and displays them for you on your website. I also modified the plugin’s admin options page to show the stats there; the world doesn’t care how much comment spam I get.
More news as events warrant.