We have approximately 30 stripe sites (in various revisions) hosted on a single FreeBSD box, that are currently under continuous attack.
Beginning several weeks ago, we noticed periodic serious slowing of the server. We traced it to a non-promoted site under development. The stock blog page had 6500 comments to the "successfully installed" item. These comments consisted of lists of links to "porn/cialis/viagra" sites. We quickly removed the blog entirely from that site. We still have a server from "serverconnect.se" trying to hit that non-existent page about 600 times a day.
We soon had nearly all of the stripe sites suffering from similar comment postings to blogs/pages/gallery items .
We next added "PageComment::enableModeration();" to all the sites, resulting in hundreds to thousands of comments awaiting moderation in each of the sites.
Until we work out something better we have turned off "allow comments" on every page, or blog item in every site.
We get large waves of demand for specific comment numbers from IPs worldwide. These are mostly sites for local restaurants/landscapers/hair-dressers/veterinarians/non-profits, hardly of international interest.
Posting servers are in Sweden, Netherlands, and Belize. They seem to be monitored for success by a German IP registered to a Russian address.