Comment spam
My First Comment Spam
Posted by Kitten @ 14.10, in Weblogs & WordPress
http://blog.mookitty.co.uk/category/wordpress/
This morning I was greeted in my inbox with a message saying that I had a new comment to one of my posts. Great! I think, only to look an find out I’ve been comment spammed.
That is just plain rude.
So what to do about it? After a little surfing on the subject, I decide on a few minor changes and to take advantage of WordPress’ built in spam guard features. The first change was rename the links for my comments to “opinions,” that way, any really stupid bots looking for a “comment” link won’t find it.
The other changes were to the WP settings:
I turned on the option to require a name and email address when posting. Also I edited wp-comments-post.php to increase the crapflood timeout from 10 seconds to a minute.
I reduced the number of links allowed in a comment to 2. The problem here was that it didn’t work, regardless of the settings! So after getting up to my elbows in the PHP of functions.php I found the bug and fixed it. (I’ve sent the fix to Matt so I hope it’ll be into the CVS soon. If you want the fix now, the replacement check_comment function is at: mookitty.co.uk/comment-fix.txt)
Now that I know that I have crapflood protection and link limits working, I’m not too worried about building a spam words list. I might put the favorites in there, but I’m not going to get too strict about it.
From the investigation that I did, it seems that this has really put the bug up people’s arses, and they’re dropping nuclear bombs to kill a fly. But since most blogging software out there really doesn’t have much in the way of spam protection, I can understand it.
But if we start a comment spam arms race, we lose a lot of what make the blogoverse so cool. So let’s keep it simple!