[wp-hackers] Close old comments and pingbacks: feature or plugin?

Deirdre Saoirse Moen deirdre at deirdre.net
Sat Jul 15 01:22:31 GMT 2006


On Sat, 15 Jul 2006, Jeremy Visser wrote:

> I looked at the way spam bots were hitting my "guinea pig" guestbook
> (like several hundred in a day :D) and I noticed that they never
> actually hit the index page and just posted straight to sign.php (or
> wp-comments-post.php in WP's case). So I went and put in the "Unique ID"
> protection to force the bots to visit the index page first (the unique
> ID is only retrievable via index.php), which 99% of them don't (they
> must use the Google Cache or something to find out what my form looks
> like), thus rejecting the spam comments!

I haven't looked at the wordpress internals in a LONG while, so I don't
know how feasible this is, but I've heard two other approaches that have
worked:

1) Allow posting of comments only through javascript.

2) One I'm using in a rails app: if a request is given for certain urls
and there's no variable set (from a prior page) in the session object,
then redirect instead of serving the page.

redirect_to 'index' and return if session[:last_page_id].nil?

-- 
_Deirdre  web / blog: http://deirdre.net/
"Memes are a hoax! Pass it on!"


More information about the wp-hackers mailing list