[wp-hackers] Best way to 'enhance' wp-comments-post.php

David Chait davebytes at comcast.net
Thu May 25 20:56:55 GMT 2006

with the caveat that BB can hit false-positives with many home-grown bot 
scripts for certain web services.  I believe Fark and PubSub both trip it, 
for example.

that's not to say don't use it, just that you'd need to customize it... ;)


----- Original Message ----- 
From: "Matt Mullenweg" <m at mullenweg.com>
To: <wp-hackers at lists.automattic.com>
Sent: Thursday, May 25, 2006 3:48 PM
Subject: Re: [wp-hackers] Best way to 'enhance' wp-comments-post.php

| Eric A. Meyer wrote:
| >    In order to block a flood of direct-submission comment spam-- stuff
| > that was just hitting the WP post scripts directly, never touching a
| > post or its comment form-- I hacked some measures into
| > wp-comments-post.php.  These took the basic form of checking to see if
| > the submission came from a post comment form, and if not, skipping over
| > everything in wp-comments-post.php from the comment "//if the user is
| > logged in" to the $location redirect.  By preserving the redirect, I
| > figured I could fool any scripts that hit the scripts directly but also
| > checked to see if they got the post page back as a result.
| Instead of changing the script, I would highly recommend a plugin like
| Bad Behavior to complement your other spam protection measures.
| http://www.homelandstupidity.us/software/bad-behavior/

More information about the wp-hackers mailing list