[wp-hackers] More anti-spam ideas

[Mark Shields]

>Since the value is in the resulting backlink, why not remove the value
to avoid comment spam?

This can already be done with the Google Redirector and MD5Hash
plugins.  I use both in conjunction along with Dougal's Tarpit for
that Extra Protection(r).


On Mon, 27 Sep 2004 12:06:37 +0200, Mark Wubben <markwubben at gmail.com> wrote:
> On Mon, 27 Sep 2004 05:52:11 +0200, Tara Star
> <tellme at climbtothestars.org> wrote:
> > inforequest wrote:
> > > Since the value is in the resulting backlink, why not remove the value
> > > to avoid comment spam?
> >
> > it will render it innefficient, but the spam will still end up on your blog.
> >
> > Steph
> I think inforequest's solution is good, however it won't stop
> spamfloods. We'd like to deal with those as well, don't we?
> 
> Kitty's solution goes great lengths to prevent scripts from posting
> directly, that is, until they figure out the hash they need to send.
> So, we need something dynamically enough to change per client, and
> easy enough to be remembered and controlled by the system.
> 
> What if we hash the user's details with something unique, and store
> this in the database and in the user's cookies. Not only does the
> spammer need to provide his details in the form, he also needs to have
> a valid hash which goes with the details. The hash could be obtained
> by submitting a valid comment, however after that you can pinpoint the
> spam comments to one single user (namely, his hash).
> 
> I figure this would work, but there are already measurements against
> spamflooding. And you'd have to authenticate the first comment by the
> user. So, perhaps not the best idea.
> 
> (Disclaimer: I'm a bit sick, and my brain's fried.)
> 
> 
> 
> _______________________________________________
> hackers mailing list
> hackers at wordpress.org
> http://wordpress.org/mailman/listinfo/hackers_wordpress.org
> 



-- 
- Mark Shields