Remember that the CAPTCHA module disables page caching

By design, the Drupal CAPTCHA module disables page caching for pages it is enabled on.

So if you enable CAPTCHA for user login and/or registration forms, those pages will not be cached. This is often acceptable.

However, if you enable CAPTCHA for comments, and have the comment form visible at the bottom of each node, then a big portion of your site's pages will not be cached in the page cache at all.

This means that every node will be treated as if the user is logged in, even though it is anonymous visitors who are hitting. This incurs a lot of PHP execution and SQL queries to the database.

So, even though you are using memcache for your page cache, the site would probably suffer.

Contents: 

Tags: 

Comments

See above

See my "Two options" comment above.

Oh cool. Having just

Oh cool. Having just received my third "your VPS is over capacity" email in a week, from a client's site with every kind of caching I have access to (including Boost but not memcache) I've been wondering what the heck I've been doing wrong. If this is the reason that could be very cool.

The action to take if you use CAPTCHA (at least for D6) would be to

1) go to admin/content/types
2) Click the edit link for the page, blog entry, or other type you want to modify
3) Scroll down to Comment Settings
4) Find "Location of Comment Submission Form"
5) Select the "Display on separate page" option
6) Click Save Content Type

Repeat for each content type that might be displayed often enough to degrade performance.
Adjust accordingly for D7.

DTI

Which means CAPTCHA will not work

This means that CAPTCHA will not work either.

Boost is not suitable for large sites. Only for smallish sites on shared hosting.

We have an upcoming article on how it can slow down your site more than help it.

This is my experience as

This is my experience as well. I've done half a dozen performance audits where Boost was causing severe slowdowns on cron and when the node form was saved.

Mollom will also do this if

Mollom will also do this if you have 'captcha only' on the comment form for any reason.

Yes

Yes, you want it set to text analysis for comments, before it falls back to CAPTCHA.

So, what do you suggest we

So, what do you suggest we use for preventing spam? Does mollom work for cached pages because it is offsite? I find it good if you tell someone what not to do you should have a solution for what they can.

Two options

1) Make comments on a separate form. See the comment by DTI below for details.

2) Use Mollom, and make sure it is set as follows:

Protection mode: Text analysis
When text analysis identifies spam: Automatically discard the post