dannyman.toldme.com


Technical

WordPress Comment Spam

If you have a blog, you will get comment spam. Comment spam is like fax spam or e-mail spam except its people trying to sell stuff by posting advertising in comments to your blog.

There’s all sorts of crazy solutions you can try. A version or so back I put in one nice little plugin that simply required the web browser to do some math in JavaScript, and comments would only be posted if the math was done right.

A lot of the more complicated solutions sound a little half-baked, annoying, too much work, or just plain insane. I absolutely hate some of the “type in the word that appears in this image” because half the time I can barely make it out with my feeble HUMAN eyes … argh!

Well, I just read an even simpler solution, and since I was working on my comments.php I thought I’d give it a shot. It basically boils down to:

  1. Edit your wp-content/themes/default/comments.php (or whatever theme you are using) and change the line that references the “email” form field to something else. I’ve changed to “dtcemail”:
      <p><input type="text" name="dtcemail" id="dtcemail"
         value="<?php echo $comment_author_email; ?>" size="22" tabindex="2" />

      <label for="dtcemail" ><small>Mail (will not be published) <?php if ($req) _e('(required)');
        ?></small></label></p>
  2. Edit you wp-comments-post.php and change the $comment_author_email assignment to whatever you changed your e-mail to, above:
      $comment_author_email = trim($_POST['dtcemail']);

The premise, like the plugin I ran on an earlier version that did the JavaScript mathematics, is that spammers run scripts that mostly work. So, posting name and email works on 90% or more of blogs, so most spammers will just use that. Eventually maybe enough people will be evading spam in similar ways, and the spammers will shoulder the burden of parsing FORM submit instructions and spamming us the right way. But since there are probably plenty of vulnerable blogs out there, this is not worth the effort.

Cheers,
-danny

Share this:

Read More

Next:
Previous:
Categories: Technical