[wp-hackers] Anti-spam Idea

Mark Jaquith mark.wordpress at txfx.net
Sat Dec 18 07:25:54 UTC 2004

Podz wrote:

> I don't know how these things actually work on a code level, but after 
> reading a link from Matt's blog about MT / comment flooding and server 
> stuff, I just wondered what would happen if a wp blog protected by any 
> current plugin was hit with several hundred comments in a short space 
> of time - even ones that would not trigger an anti-spam feature if the 
> IP was varied and the content was normal.

I think WP would handle it just fine.  Spam Karma can easily nab 
solitary spam, and a flood of varried spam isn't really different than a 
slow stream of varried spam, so the vast majority of it would get 
caught.  With regards to the MT comment flooding stuff, the problem 
there isn't even that spams get through... it's that even if they don't 
get through, MT uses an insane amount of server resources.  Just look at 
the recent 6A announcement that says that even blocked comments are 
triggering page rebuilds (when nothing will have changed).  Wordpress's 
commenting system (minus any anti-spam measures, of course) is basically 
(1) make sure all required fields are filled (2) make sure it is a 
comment on a valid post (WP 1.2.1+) (3) Make sure that IP hasn't posted 
a comment in the last 10 seconds (4) stick it in the DB.

Honestly, I don't think that this process is really that much more 
server intensive than a regular page load, for WP.

More information about the hackers mailing list