[wp-hackers] Best way to 'enhance' wp-comments-post.php

Matt Mullenweg m at mullenweg.com
Thu May 25 19:48:48 GMT 2006

Eric A. Meyer wrote:
>    In order to block a flood of direct-submission comment spam-- stuff 
> that was just hitting the WP post scripts directly, never touching a 
> post or its comment form-- I hacked some measures into 
> wp-comments-post.php.  These took the basic form of checking to see if 
> the submission came from a post comment form, and if not, skipping over 
> everything in wp-comments-post.php from the comment "//if the user is 
> logged in" to the $location redirect.  By preserving the redirect, I 
> figured I could fool any scripts that hit the scripts directly but also 
> checked to see if they got the post page back as a result.

Instead of changing the script, I would highly recommend a plugin like 
Bad Behavior to complement your other spam protection measures.


Matt Mullenweg
  http://photomatt.net | http://wordpress.org
http://automattic.com | http://akismet.com

More information about the wp-hackers mailing list