[wp-hackers] Spam load

Dr Deviant deviant at dr-deviant.net
Wed Dec 27 15:52:19 GMT 2006

Why not use some form of CAPTCHA on the submit?

I have a plugin that does this, but it hooks into the post after Akismet 
and Span Karma 2 so they still get logged as spam at the moment, but 
nothing appears on the site or listed in comments because the plugin 
does a very unpleasant "die()" if the CAPTCHA is not met regardless of 
whether it is spam or not.

Another way of making it harder (development on the part of Wordpress 
required though) would be to generate a random md5 string based on the 
system time as part of the wordpress install/config/upgrade, and name 
the file that (for example 
add_comments_40be4e59b9a2a2b5dffb918c0e86b3d7.php - store this in the 
database and obfuscate the link in all the pages.

The other way that works for me though is to force posters to be logged 
in to comment ;-)  - I don't have many friends :-)


*Dr Deviant*
www.dr-deviant.net <http://www.dr-deviant.net/>
deviant at dr-deviant.net <mailto:deviant at dr-deviant.net>

More information about the wp-hackers mailing list