FWIW, it looks like the plug in is working fine in terms of stopping spam getting through. It says it has caught 95,234 spam comments. But my spam traffic is so high I want to catch it before it makes it onto the site, rather than blocking it after the fact. Thanks!
That’s a lot of spam.
If you set the plugin to delete comments that fail the captcha, then those comments will never enter your WordPress database… which I think is what you want?
Thanks so much for getting back to me.
Right now i have it set to delete when Captcha fails. But I am using Akismet mode. So not everyone is being prompted to enter a captcha. Only folks that Akismet catches. I just looked and I have about 2000 spam comments in Akismet since 11/28. So like two weeks. Which means that tons of comments are making it through before they are caught which is killing my server use even though they are not ending up on the site.
I can install a captcha plug in that requires everyone enter a code every time, but I was really trying to avoid going that extreme as so many folks hate filling out those forms and I worry it will limit comments. But my understanding is that this plug in offers an intermediate step where people are all required to enter it the first time and then not again if they are accepted. This is what I am talking about: “Basic mode: the plugin will serve a CAPTCHA to all commenters that aren’t logged in and don’t have a previously approved comment. Repeat commenters will never see a CAPTCHA.”
Is that still a feature? Or is there another way to do what I am trying to do? If so, can you help me figure it out? Thanks!
Yes, it’s still a feature. All you have to do is deactivate Akismet, and the plugin will switch into that mode :-). Try it and hopefully that will block all the comments that are getting through.
Great, I will give that a try this afternoon. THanks so much!
Hi, I am hoping you can help me because this doesn’t seem to be working correctly. I am not sure exactly why. So as you indicated, I turned off Akismet. That was at about 3:15 EST. It it is set for Basic mode to queue for moderation of captcha is entered correctly and delete permanently if it is not.
In the past 4 1/2 hours since then, I have received about 35 spam comments that have ended up in my moderation queue. These were all obviously spam and things Akismet would normally have caught. I marked them as Spam, but I am not sure how they are getting through captcha. If I am understanding correctly, all these posters/bots should have faced a captcha request and presumably failed. How is it possible that they are not failing the captcha test? They should only come to me for moderation if they pass.
Then I have had about 9 legitimate comments that have come through. None of them have required moderation at all despite the setting that says people that pass should go to moderation. In fact, many of those posters told me they never even got a captcha prompt at all even though I just turned this on so they hadn’t been previously approved. They were able to post directly. My husband tried it from his phone and he triggered a captcha, but when he entered it correctly, his post went live also without moderation.
So I am not sure what is happening here, but things don’t seem to be behaving at all like I would have expected from the settings. Spam is getting through captcha with no problem at all (or maybe they are not even triggering the captcha response). And none of the posts that seem to be using it correctly are asking for moderation despite the settings.
Can you help me figure out what is going on? At this rate I am drowning in spam (I have no idea why my spam is so high) but I can’t moderate 10 posts an hour and I don’t understand why none of these are being caught. I can leave it running for a little while longer but soon I am going to have to turn it off and go back to Aksimet b/c this flow is just crazy high. Thanks so much!
P.S. If these spammers have posted before (or got a comment through that Akismet caught) would they be considered “previously approved”? Is this why they are not triggering the captcha? And if so how do I deal with that?
Hi,
It sounds like something else is interfering and overriding the plugin’s behaviour. Do you have any other spam/comment-related plugins installed? If so, which ones?
P.S. If these spammers have posted before (or got a comment through that Akismet caught) would they be considered “previously approved”?
“previously approved” means there is currently an approved comment that matches the commenter’s name/email (comments that have been deleted/marked as spam don’t count).
I’m pretty sure that there is a conflict with another plugin happening here – let me know what else you have installed and we can try and figure it out.
Thanks SO much for getting back to me. I don’t *think* I have any other spam stuff running. I turned off Aksimet. Here are the other plug ins I have active:
– Add Quicktag
– Advanced Spoiler
– All in One Webmaster
– Blogger to WP
– Broken Link Checker
– Count per Day
– Easy Content Template
– Fix RSS Feeds
– Limit Login Attempts
– No Self Pings
– Online Backup for WP
– Shareaholic
– Redirection
– Simple Breaks
– Subscribe to Comments reloaded
– W3 Total Cache
– WP Missed Schedule
– WPtouch mobile
As far as I know, I have never approved any spam comments. They would have been caught by Akismet. I am still getting them pouring in. Mostly trackbacks, though I turned off the allow trackbacks function in WP. I am now up to 47 spam comments in about 7 hours. All of them are making it through the Captcha to be moderated. And as I said, some of the legit commenters are getting captcha, some aren’t, and none are requiring moderation.
Thanks! JJ
Hmm all of those plugins should be fine, so I’m not really sure what’s wrong…
The only other thing I can think of is that you’ve said you’re using WordPress 3.5.2 (which is quite old now, and it is possible that the site has been compromised)… and that maybe you should try upgrading? Apart from that, I really don’t know what it could be. I’ve just tested the plugin itself and everything works as expected.
OK, I just upgraded my version of Word Press to the newest one. I also see your test post. Did you get a captcha? I got prompted to moderate.
I guess we will see if that helps. I just don’t understand why it is not working at all as expected. Is it possible these spam posts are somehow getting by the captcha? That would be 50 posts in about 9 hours that passed the captcha test. is that even possible? If they are not beating the captcha, how are they getting through?
I got a captcha, and completed it correctly. So everything worked as expected that time.
No idea why other comments are getting through. Let’s see if upgrading fixes the issue (I’d also recommend changing all login passwords just in case the site was compromised)… if not, can you post sample details of the comments that are getting through (type – comment/pingback etc, IP address, email, name)?
Here are a few examples. These are clearly spam, and definitely things that Akismet was previously catching. It is obvious these aren’t real people. So for them to make it through means either the bot beat the captcha, or that it didn’t give them a captcha. Neither makes sense to me though. Every poster should be getting a captcha and everyone passing should be moderated and that is not happening. I get hundreds of these a day. Here are some examples:
http://www.wildwoodcrest.org/PDF/jersey/nike-basketball-jersey-size-chart/index.asp
wildwoodcrest.org/PDF/jersey/nike-basketball-jers…
59.60.117.62
Submitted on 2013/12/15 at 12:02 am
http://www.wildwoodcrest.org/PDF/jersey/nike-basketball-jersey-size-chart/index.asp
http://www.wildwoodcrest.org/PDF/jersey/customized-jerseys-nfl/index.asp http://www.wildwoodcrest.org/PDF/jersey/customized-jerseys-nfl/index.asp
And
womens canada goose jackets
myfmnanjing.com/wp-content/uploads/2014/canadagoo…
27.159.209.183
Submitted on 2013/12/14 at 11:57 pm
womens canada goose jackets
canada goose chateaucanada goose manitoba jacket?????? canada goosecanada goose chateau parkadoudoune canada goose pas cherDoudoune Canada Goosecanada goose parkacanada goose parkabuy chanel handbagsChanel Pursescanada goose femmemanteau canada gooseca…
Hey there,
do either of you know whether or not it is possible to turn off the security the enables captcha after 50 posts?
thanks!
