suggestions for WP-Hashcash
-
Suggestion 1 — you might want to:
– add the following before the comment form
<noscript>
This form is spam-protected by wp-hashcash. Please enable javascript and reload this page to use it.
</noscript>– have the plugin add disabled=”disabled” to all of the form’s fields
– add the following script when the page is finished loading or after the form is loaded:
<script>
document.getElementById( ‘author’ ).disabled = false;
document.getElementById( ’email’ ).disabled = false;
document.getElementById( ‘url’ ).disabled = false;
document.getElementById( ‘comment’ ).disabled = false;
document.getElementById( ‘submit’ ).disabled = false;
// any other you automatically detect
</script>Suggestion 2 — you might also want to take advantage of the md5 js and encrypt (and decrypt):
– ‘wp-comments-post.php’ (or whatever the form’s action is)
– any case-insensitive occurence of ‘wordpress’, ‘blog’, ‘comment’, ‘trackback’, ‘pingback’, etc. (that way, you can only manually discover a blog)Still taking advantage of the js:
– encrypt / decrypt any emails that the user left behind so they are not easily found by spiders
- The topic ‘suggestions for WP-Hashcash’ is closed to new replies.