.htaccess rewrite rules?

I could add support for this. The problem though, is that I’ve also added support for sporadically changing the key used within the cookie to ensure that spammers can’t simply copy it and use the same one over and over again. I could provide a way to turn that functionality off and use a rewrite rule instead though perhaps.

Could you provide the .htaccess rules you used to get it working temporarily? It would also be handy to have the rules for doing this in Nginx, as most high traffic WordPress powered sites use that now anyway. I don’t have any Apache servers left to test with either, so I’d need to have you or someone else test the Apache side of it for me too.

I’ve started formulating a plan to implement this for you:
https://github.com/ryanhellyer/spam-destroyer/issues/19

Since that dynamically changing key has caused numerous problems due to hyper aggressive caching, I think for the sake of compatibility that it would be a good idea to do away with it entirely and allow users to manually modify it either via another plugin or via a hidden options page (accessed via the plugins listing at /wp-admin/plugins.php). Or at least that is my current plan. I’m open to alternative suggestions ??

Actually, on looking through the code, it appears I factored this in a while ago, but only included support for this at the lowest protection level (the new version will have multiple levels of protection implemented). I am revising how that works right now, since it is negatively affecting multiple people.