[wp-hackers] Anti-spam Idea

Podz podz at tamba2.org.uk
Sat Dec 18 06:31:27 UTC 2004

First: I know zip about the technicalities, it's just an idea I've had 
after reading many blogs and articles recently.

1. Install plugin

2. Run part#1
- This queries the database and takes an average of comment numbers / 
time after discarding the top couple of posts (I think most people have 
a couple of posts where comments have gone on much longer than normal). 
This suggests two values: no. of comments and span of time.
User does something that sets the values

3. Run part#2
- This takes an initial value from the user as a seed and creates a 
couple of names

4. Plugin is now up and running. (It could do other anti-spam stuff too).

5. Plugin writes a constant log of activity - a bit like a "Blog Black 
Box" of code. This is set to record either by log size or number of 
events. It writes against all the criteria that would cause the next 
stage to kick in: IP / time between comments / no. of links / no. of 
spamwords used and it does so in a way that would be intelligible to 
anyone who runs a server. It can't be written so only the author can 
understand it - or you'll be the only one doing support.

6. Once the values set in #2 are hit, plugin:
- renames (using values from #3) any wp-comments* files and renames the 
comments table in the database
- writes a lot of values to .htaccess to 'deny from'
- emails the blog owner
- does something that indicates on the blog that all commenting is 
currently closed
- now writes the constant log but does so to a higher log size so as to 
capture everything subsequent to the attack, or writes another so the 
attack triggers are retained for future use.

7. Blog owner runs something that reverses the name changes, reminds 
them to take a copy of the log, undoes the .htaccess ... and whatever.

Like I said, I know nothing about coding - you should know that by now 
:) - so please don't shoot me for this idea eh ?


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 261 bytes
Desc: OpenPGP digital signature
Url : /pipermail/hackers_wordpress.org/attachments/20041218/644835e9/signature.bin

More information about the hackers mailing list