[wp-hackers] Another anti-spam technique

Owen Winkler ringmaster at midnightcircus.com
Fri Oct 29 05:27:37 UTC 2004


Less talking, more doing...  I built a plugin.
http://www.asymptomatic.net/wp-hacks/osa.zip

Sends to moderation:
-Comments that contain hand-written entity codes, like k
-Comments submitted with the HTTP_VIA request header set.

Using a small addition to the wp-comment.php page, will also send to 
moderation:
-Comments that are not submitted from the same IP address from which the 
comment form was requested.
-Comments that were not made within X minutes of downloading the comment 
form.

It will also approve unconditionally any comment submitted by an 
administrator who is logged in (userlevel >= 9).

All options can be toggled through an Options tab page using Ryan's menu 
upgrades.  The options page contains instructions for the code 
insertion.  Runs on latest CVS.  1.3 is required.  Drop into plugins 
directory and activate.

These changes are all that has kept out all 120 spam comments so far 
this evening.

Comments and suggestions are welcome.

Now where's my bed...
Owen





More information about the hackers mailing list