Bandwidth is getting used up faster than I liked, even though I disabled comments sitewide and added the offending IP & domains to the protection control panel. Looking at the stats last night, that did nothing to keep the spammers out, so I emailed my ISP support. Ack, how could I forget? Using the control panel doesn’t work, it has to be done using the .htaccess file. Suresupport kindly added the few IPs I mentioned as well as the awful 163data domain.
It looks like all of this spam is from China, one of the worst spam producing countries. (I was surprised the US is #1 and twice as bad as China, I guess it’s email spam and not this dreadul comment spam.) A little research told me that I could block entire countries by IP. This is exactly what I’m looking for. I copied the entire IP block allocated to China into my .htaccess and denied them all. Yes, it means my website cannot be accessed from anywhere in China, ie if mm and I go to her flat for holiday (moot point, she has no internet there). But it can’t be helped. I’ve been monitoring the stats all day and it seems to have stopped the spam attack.