[wp-hackers] Spam load
deviant at dr-deviant.net
Wed Dec 27 15:52:19 GMT 2006
Why not use some form of CAPTCHA on the submit?
I have a plugin that does this, but it hooks into the post after Akismet
and Span Karma 2 so they still get logged as spam at the moment, but
nothing appears on the site or listed in comments because the plugin
does a very unpleasant "die()" if the CAPTCHA is not met regardless of
whether it is spam or not.
Another way of making it harder (development on the part of Wordpress
required though) would be to generate a random md5 string based on the
system time as part of the wordpress install/config/upgrade, and name
the file that (for example
add_comments_40be4e59b9a2a2b5dffb918c0e86b3d7.php - store this in the
database and obfuscate the link in all the pages.
The other way that works for me though is to force posters to be logged
in to comment ;-) - I don't have many friends :-)
deviant at dr-deviant.net <mailto:deviant at dr-deviant.net>
More information about the wp-hackers