Support » Fixing WordPress » ultimate comment spam blocker

  • seriously, I am sort of surprised no one has done this before, so far it has worked wonders for me 🙂
    The idea is simple. Comment spammers typically use ‘links’ to add comments to your old posts. so what I did was simply add a hidden field in the comments form in ‘wp_comments.php’ with a random name and random number in it. Then in ‘wp_comments_post.php’ I made sure this was present. Now if anyone tries to add a comment via the url they won’t be able to because that field won’t be present. So far I have not had any spam since this has been implemented.
    Try it out for yourself!

Viewing 15 replies - 1 through 15 (of 29 total)
  • Moderator James Huff


    Would you mind explaining this a little bit more? I don’t see it implemented at your site. Am I supposed to?

    Mark (podz)


    Support Maven

    This sounds … erm … interesting ?

    Moderator James Huff


    Hm, interesting. I like it. Let us know how well it does after a week. ^_-

    I have both wellards hacks (wp-comments and wp-register) installed and also the referer code at the top of ws-comments-post.php, but still getting spam.
    I am installing this hack now so I can verify if it works or not. thanks for the hack shep! 🙂

    I noticed that with this hack you cannot post comments while logged into your blog. Can anyone think of a way around that?

    Thank you very much, Shepherg!
    Your help was very useful for my blog, because different online casinos is very obtrusive.
    With your help I was healed this problem.
    Thank you one more time!

    It must have been an anomoly because it stopped. It now lets me make comments while still logged in. Sorry for any confusion.

    where exactly in the php files do you put this?

    well, so far I have had no spam and have had several other people with a lot more extensive blogs confirm the same success. This is a little more extensive then just changing the name because this removes the possibility of a ‘link-bot’ from attacking the script all together. Changing the name doesn’t.
    I do however acknowledge that using a crawler that would fill in the form elements and select submit would indeed allow a person to post advertisements but that is so few and far between that I don’t really see that happening. And it would be so few and far between that it would be easy to delete the one or two spam posts a month.
    This gets rid of the overwhelming amount of posts however and makes wordpress a little easier to manage.

    where specifically in wpcommentspost do I put the following???
    if ( $_POST[‘Ac12fgh’] != ‘1102302394’ )
    die( __(‘Sorry, you can not post comments here!’) );
    can you tell me where after what piece of code I need to insert it?

    anywhere before do_action(‘wp_comment’) or somethign like that…
    it just has to be before the comment is inserted into the db..

    Sorry, shepherg, but for non-coders, non-geeks your answer: it just has to be before the comment is inserted into the db doesn’t mean anything 🙂
    If you really want to be helpful for those guys, then, please, say:
    – open xxxx.php file;
    – find the line… [give the approx. line #] AND quote 1-2 lines;
    – insert the code above/below… or instead

    I use Authimage hack and it really works.

    Full explanation on how to implement this hack:

    Just a confirmation note on what happened to me.
    1.) Was getting spammed by bots.
    2.) Added registered user only hack (and tested it) so that only registered users could place comments.
    3.) Still getting spammed by bots.
    4.) Added the refferer check to the top of the This is supposed to stop the bots coming directly to the wp-comments-post.php file.
    5.) Still getting spammed. The bots figured out how to get around the reffered code.
    6.) Installed this hack. SPAM Stopped cold.
    As far as I’m concerned about 99% of the spam is coming from these same scripts. They go directly to the wp-comments-post.php file. The only registered user doesn’t do anything to stop them, and the reffered check is not effective. This simple hack as of the present time will stop you getting spam, so it is the way to go. I’m leaving in the registered user hack, but I don’t think it is necessary.
    thanks for this hack.

Viewing 15 replies - 1 through 15 (of 29 total)
  • The topic ‘ultimate comment spam blocker’ is closed to new replies.