StructureCMS

February 19, 2010

Another way to stop wordpress spammers

Filed under: PHP — joel.cass @ 9:22 am

It seems that getting a good ranking on a search engine can be a double-edged sword. Whilst it helps people find you, it also helps nasty spammers to find a way into your site so they can post their comments. Sure, wordpress does have some spam filtering ability thanks to the akismet plugin, but it would be so mauch better if they can be stopped at the source.

One way I have stopped spammers on my site is by implementing a text field inside a hidden block, as follows:

<!-- would recommend that this actually goes into a CSS file -->
<style type="text/css">
	.spam-check { display:none; }
</style>
..........................
<!-- spam detection -->
<p class="spam-check">
	<input type="text" name="spamcheck" id="fldSpamCheck" value="">
	<label for="fldSpamCheck">Please leave this field blank</label>
</p>
<!-- /spam detection -->

..and then on the processing side I would do something as follows:

// jnet spam detection
if (!isset($_POST['spamcheck']) || $_POST['spamcheck'] != "") {
	die('Error: please do not fill in the field that tells you not to fill it in.');
}
// end jnet spam detection

The beauty of it is that there are no CAPTCHA’s involved, and no thinking on the user’s side. The common trap that these spambots fall into is that they fill out all the fields in the form with useless garbage. Because this field is meant to be blank, the submission fails.

Furthermore, any user with a CSS enabled browser does not see the field. A user who can see the field can tell from the label that it is not meant to be filled in. So everyone wins! (Except the nasty spammers).

In wordpress, you will need to add the first code block to the files:

  • /wp-content/themes/[your_theme]/comments.php
  • /wp-content/themes/[your_theme]/comments-popup.php

…and you will need to add the second code block to the following file:

  • /wp-comments-post.php

…and you’ll be done! At least until the spammers figure out how to get around it.

1 Comment »

  1. Dollars! Viagra! Lucky dollars! Join now! http://10.0.0.1/ksjdhdskhfklsdf.dsgsdg/?jdjkdjdjsdkjakjd!!!!

    Comment by Lucky $$$$ — April 22, 2010 @ 1:32 pm

RSS feed for comments on this post. TrackBack URL

Leave a comment