Support » Fixing WordPress » Use no spam plugins?

Viewing 15 replies - 1 through 15 (of 24 total)
  • I don’t use any lately at a blog that use 1.5-gamma, and it’s all good and shiny. A good list of spam words seals the deal for me. It’s not watertight, but it works well for me.

    Moderator James Huff


    Volunteer Moderator

    Well, Bryan, that depends on how you would define that. I’m using WP’s default blacklist and WP-HashCash. Ok, so I am using an anti-spam plugin, but give me a chance to explain. I don’t consider WP-HashCash to be the same as most other anti-spam plugins (IOW captchas, Spam Karma, and Spaminator), because it requires no maintenance or intervention on my part, and it’s invisible to my readers. WP-HashCash uses an encrypted hidden field. You must have javascript enabled to decode the encrypted field (most bots don’t use javascript) and must have entered the comment from the actual post link to generate the correct value for the field. So, if a bot either didn’t have javascript or directly visited wp-comments-post.php, the comment would simply not go through. No deleting, no moderation, it just never existed. This works miracles, as long as all of your readers have javascript enabled (mine do).


    The spam words list at the Codex, right? Sweet! I’ll try going without Spamintor for a bit and see how it goes.

    Also, did you leave your trackbacks and pingbacks enabled? I’m still pondering that.

    Thanks for the speedy reply, man. =)

    – Bryan

    Moderator James Huff


    Volunteer Moderator

    Bryan, if you want a really hefty blacklist, try mine: (I’m not responsible for any psychological damage sustained by the use of this list.)

    Also, Lorelle has added her blacklist after three months of running Kitten’s Spam Words:

    Thanks James! Methinks I’ll try yours first. =)

    I have WP Hashcash and Spam Karma running, the latter because i had a lot of trackback spam recently… My SK blacklist is at

    The reason I can use no spam plugins?

    * People who don’t have an approved comment are held for moderation, so spam never sees my site.
    * I have blatant spam terms in the built-in blacklist so I never see it
    * Anything that comes through is so easy to delete from the moderation screen

    That doesn’t mean I’m not getting any spam, in fact thousands and thousands, I just never see it.

    So Matt’s not using any spam plugins. It’d be cool if he wasn’t the only one, but I just haven’t seen any posts on it. Has anybody else had success with this?

    After some tries with SpamKarma and Spaminator, I ended in using the best anti-spam around (by far) : moderation


    I tried just moderation to kill Spam but I found that I was spending too much time deleting comments from the moderation queue.

    I use Spam Karma and I modify my .htaccess based on the output from Spam Karma and I find this incredibly efficient in stopping spam. If you would like to see a copy of the .htaccess file I created – click here – this is, by definition, a work in progress.

    Hope this helps,


    I should add to that last comment that editing .htaccess files should be done with extreme care as they have the power to take down your entire site, if mis-configured.


    @matt: Can you post your spam terms and stuff somewhere? If you could do that in the Codex, I think that’d be pretty cool. Also, do you put anything in .htaccess or try to do it all from your admin control panel?

    @tom: thanks for posting your .htaccess file. Someone will find good use of it!

    I think moderation would work for me because I don’t get that many comments. 😉

    Moderator James Huff


    Volunteer Moderator

    Thanks, Tom! That’s actually more educational than most of the tutorials I’ve seen.


    thanks – I have a more comprehensive tutorial on using .htaccess and how I came to create that file here here – hope it is useful to someone.


    I haven’t been using spam plugins since January 11. I found that by using the contents of the moderation list in the blacklist, as well as adding the odd IP, and those munged IDs they were posting with for a while (and may still be, but I don’t see ’em), I have been successful in keeping most spam out. I also don’t allow more than 2 hyperlinks in any post. So far I have only had to deal with the moderation queue twice, and on each occasion I have added the relevant part of the URL to my blacklist. I have had no inappopriate comments actually getting in, and I have no need to moderate manually. Its working. My blacklist is really quite short.

    Only two days since I posted this and I have been hit by a spammer (t-h) whose name in a few variations (including the one he used to post, PLUS words he used) is on the blacklist. However he was still able to post. ??????

    Back to moderating every comment 🙁

Viewing 15 replies - 1 through 15 (of 24 total)
  • The topic ‘Use no spam plugins?’ is closed to new replies.