WordPress.org

Ready to get started?Download WordPress

Forums

ultimate comment spam blocker (30 posts)

  1. shepherg
    Member
    Posted 9 years ago #

    seriously, I am sort of surprised no one has done this before, so far it has worked wonders for me :)
    The idea is simple. Comment spammers typically use 'links' to add comments to your old posts. so what I did was simply add a hidden field in the comments form in 'wp_comments.php' with a random name and random number in it. Then in 'wp_comments_post.php' I made sure this was present. Now if anyone tries to add a comment via the url they won't be able to because that field won't be present. So far I have not had any spam since this has been implemented.
    Try it out for yourself!

  2. James
    Happiness Engineer
    Posted 9 years ago #

    Would you mind explaining this a little bit more? I don't see it implemented at your site. Am I supposed to?

  3. Mark (podz)
    Support Maven
    Posted 9 years ago #

    This sounds ... erm ... interesting ?

  4. James
    Happiness Engineer
    Posted 9 years ago #

    Hm, interesting. I like it. Let us know how well it does after a week. ^_-

  5. dozer
    Member
    Posted 9 years ago #

    I have both wellards hacks (wp-comments and wp-register) installed and also the referer code at the top of ws-comments-post.php, but still getting spam.
    I am installing this hack now so I can verify if it works or not. thanks for the hack shep! :)

  6. wgmeisheid
    Member
    Posted 9 years ago #

    I noticed that with this hack you cannot post comments while logged into your blog. Can anyone think of a way around that?

  7. trotz
    Member
    Posted 9 years ago #

    Thank you very much, Shepherg!
    Your help was very useful for my blog, because different online casinos is very obtrusive.
    With your help I was healed this problem.
    Thank you one more time!

  8. wgmeisheid
    Member
    Posted 9 years ago #

    It must have been an anomoly because it stopped. It now lets me make comments while still logged in. Sorry for any confusion.

  9. lawtai
    Member
    Posted 9 years ago #

    where exactly in the php files do you put this?

  10. shepherg
    Member
    Posted 9 years ago #

    well, so far I have had no spam and have had several other people with a lot more extensive blogs confirm the same success. This is a little more extensive then just changing the name because this removes the possibility of a 'link-bot' from attacking the script all together. Changing the name doesn't.
    I do however acknowledge that using a crawler that would fill in the form elements and select submit would indeed allow a person to post advertisements but that is so few and far between that I don't really see that happening. And it would be so few and far between that it would be easy to delete the one or two spam posts a month.
    This gets rid of the overwhelming amount of posts however and makes wordpress a little easier to manage.

  11. Anonymous
    Unregistered
    Posted 9 years ago #

    where specifically in wpcommentspost do I put the following???
    if ( $_POST['Ac12fgh'] != '1102302394' )
    die( __('Sorry, you can not post comments here!') );
    can you tell me where after what piece of code I need to insert it?

  12. shepherg
    Member
    Posted 9 years ago #

    anywhere before do_action('wp_comment') or somethign like that...
    it just has to be before the comment is inserted into the db..

  13. moshu
    Member
    Posted 9 years ago #

    Sorry, shepherg, but for non-coders, non-geeks your answer: it just has to be before the comment is inserted into the db doesn't mean anything :)
    If you really want to be helpful for those guys, then, please, say:
    - open xxxx.php file;
    - find the line... [give the approx. line #] AND quote 1-2 lines;
    - insert the code above/below... or instead
    thanks!

  14. _g_
    Member
    Posted 9 years ago #

    I use Authimage hack and it really works.

  15. shepherg
    Member
    Posted 9 years ago #

    Full explanation on how to implement this hack: http://www.imporium.org/wordpresshack.xml
    Enjoy!

  16. dozer
    Member
    Posted 9 years ago #

    Just a confirmation note on what happened to me.
    1.) Was getting spammed by bots.
    2.) Added registered user only hack (and tested it) so that only registered users could place comments.
    3.) Still getting spammed by bots.
    4.) Added the refferer check to the top of the wp-comments.post.php. This is supposed to stop the bots coming directly to the wp-comments-post.php file.
    5.) Still getting spammed. The bots figured out how to get around the reffered code.
    6.) Installed this hack. SPAM Stopped cold.
    As far as I'm concerned about 99% of the spam is coming from these same scripts. They go directly to the wp-comments-post.php file. The only registered user doesn't do anything to stop them, and the reffered check is not effective. This simple hack as of the present time will stop you getting spam, so it is the way to go. I'm leaving in the registered user hack, but I don't think it is necessary.
    thanks for this hack.
    dozer

  17. Matt Mullenweg
    Troublemaker
    Posted 9 years ago #

    I turned this into a plugin:
    http://wordpress.org/support/10/16642

  18. shepherg
    Member
    Posted 9 years ago #

    I am glad I could help you guys ;)
    Gene Shepherd
    http://www.imporium.org

  19. Anonymous
    Unregistered
    Posted 9 years ago #

    Smart thinking!! It works, and it stopped 99.99% of the spam!

  20. fatherofpip
    Member
    Posted 9 years ago #

    noticed it didn't like working together with :
    next/previous post in same category
    and
    next/previous archive date
    from scripty goddess
    currently getting the crap spammed out of me so here's hoping...
    -r.

  21. James
    Happiness Engineer
    Posted 9 years ago #

    Fatherofpip, have you tried any other solutions? http://www.tamba2.org.uk/wordpress/spam/

  22. Kerim
    Member
    Posted 9 years ago #

    That tamba2.org.uk site is amazing!!! I hope WP 1.3 developers can implement some of these features by default.

  23. Anonymous
    Unregistered
    Posted 9 years ago #

    just installed spam-karma and realised that after i've activated it, my wp-blacklist plugin stopped working. is it supposed to be like that? o_O
    before installing spam-karma, under options > discussion, i've actually checked the box for the comments to go through moderation. however, after installing spam-karma and activating it, i tried posting comments and it appeared without needing to go through moderation.
    am i making sense? *_*
    anyways, is that how spam-karma is suppose to work in the first place? o_O does that mean, with spam-karma, i dont need other plugins to refrain spams from getting in?
    - liz

  24. Anonymous
    Unregistered
    Posted 9 years ago #

    so after installing spam-karma like i mentioned previously, deleted of wpblacklist plugin, and left it overnight, came on today and found that loads of comments are being trashed by spam-karma even when it isn't spam. -_-" so i deleted of spam-karma, have only autoshutoff comments plugin and the google redirect plugin, andd dont have any spam words under my comment moderation box and didnt check on the box where it says "An administrator must approve the comment (regardless of any matches below)" BUT, when i tried commenting, it still went into moderation. *_*
    what's goinggg oonnn??
    - liz

  25. awh
    Member
    Posted 9 years ago #

    This plugin is broken. When you submit a comment, you just get a blank page.

  26. roro
    Member
    Posted 9 years ago #

    I also get a blank page, nothing more

  27. aklefdal
    Member
    Posted 9 years ago #

    This plugin worked fine for a while, but now I'm being flooded. Fortunately my Blacklist plugin sends all the posts to moderation, but still....

    What plugin to use now?

  28. cdkrall
    Member
    Posted 9 years ago #

    You might search for trencaspammers, which stopped my spam issue cold for about a month. There are English instructions in the download if you don't do Spanish.

    Sadly, I just switched to SK because of the glowing reports here.

    Trencaspammers still worked, just wanted a more transparent process, not making legit posters do work that only spammers should have to.

  29. James
    Happiness Engineer
    Posted 9 years ago #

  30. autumnqiu
    Member
    Posted 9 years ago #

    http://www.imporium.org/wordpresshack.xml

    I realised that with the recent upgrade to 1.5 Strayhorn, this hack is no longer compatible because the following line (where we are supposed to add the coding above it in wp-comments-post.php) no longer exists:

    In Line 45 for 1.2.x
    $now = current_time('mysql');

    I managed to implement this hack in 1.5 though, by adding the stipulated coding:

    if ( $_POST['[insert random name]'] != '[insert random value]' ) die( __('Error: You must use the form to post.') );

    Below this line [line 37]:
    if ( '' == $comment_content )
    die( __('Error: please type a comment.') );

    Does anyone have any idea whether this would work, any PHP gurus out there who are able to determine? :P If required, I can send you a copy of my file.

Topic Closed

This topic has been closed to new replies.

About this Topic

Tags

No tags yet.