So I woke up today to find this e-mail in my inbox:
Dear Defensio user,
We have reasons to believe that a few of our api keys might have been compromised and our research indicates that your key(s) might be among them.
Don’t worry, YOUR ACCOUNT WAS NOT HACKED AND YOUR PERSONAL INFORMATION IS SAFE. However, in order to protect your privacy, we thought the best thing to do was to regenerate new api key(s) for you.
As of now, DEFENSIO IS NO LONGER FILTERING SPAM on your website or blog. To re-enable it, please login to your account at http://defensio.com and then go to “My API Keys” where you’ll find newly generated keys. You should then update your website or blog settings with the new key(s).
When an API key is invalid, apparently it’s supposed to go to the moderation queue, but it didn’t for me which meant I got 400-500 spams overnight on my blog. Lovely.
So, I just spent the last few minutes deleting page after page of spams from my blog. I thought I skimmed through each page looking for legit comments, but I know I missed at least one (of mine specifically). If you found one of your comments from the last 24 hours has gone missing, please post it again. I probably accidentally deleted it. Sorry.
As for Defensio, I’m still happy with their spam accuracy, but I really wish they’d fix that bug in their plugin. It was hugely annoying to wake up to so much spam on my blog. That’s the whole reason I use Defensio — to avoid that. *sigh*