[wp-hackers] More anti-spam ideas
Mark Wubben
markwubben at gmail.com
Mon Sep 27 10:06:37 UTC 2004
On Mon, 27 Sep 2004 05:52:11 +0200, Tara Star
<tellme at climbtothestars.org> wrote:
> inforequest wrote:
> > Since the value is in the resulting backlink, why not remove the value
> > to avoid comment spam?
>
> it will render it innefficient, but the spam will still end up on your blog.
>
> Steph
I think inforequest's solution is good, however it won't stop
spamfloods. We'd like to deal with those as well, don't we?
Kitty's solution goes great lengths to prevent scripts from posting
directly, that is, until they figure out the hash they need to send.
So, we need something dynamically enough to change per client, and
easy enough to be remembered and controlled by the system.
What if we hash the user's details with something unique, and store
this in the database and in the user's cookies. Not only does the
spammer need to provide his details in the form, he also needs to have
a valid hash which goes with the details. The hash could be obtained
by submitting a valid comment, however after that you can pinpoint the
spam comments to one single user (namely, his hash).
I figure this would work, but there are already measurements against
spamflooding. And you'd have to authenticate the first comment by the
user. So, perhaps not the best idea.
(Disclaimer: I'm a bit sick, and my brain's fried.)
More information about the hackers
mailing list