WP Comment Spam Protection just works

  • For the past couple of days, there has been someone trying to spam one of the blogs I manage.
    This person or group of people tried spamming it from 5 different locations and made 120 attempts. Unfortunately, for them, all of them were caught by the WordPress Comment Spam filter.
    The reason I think it was one person or a group of people is that the IPs seemed to originate from Ohio University, a hotel nearby, and a public library in Athens, OH.
    The comments all had 3-4 links in them and got caught because of that. Even if they didn’t have those links, they had words in there that were present in the spamword list.
    In any case, I thought maybe I could file complaints with the University, the hotel and the public library, but am not sure if I should bother.

Viewing 15 replies - 1 through 15 (of 19 total)

  • I use WP Blacklist, those people came back still and spammed my blog. I’m starting to think if I had applied it wrongly.

    Thread Starter vohiyaar

    (@vohiyaar)

    Yeah, I think you are right. ??

    I’m pretty ignorant about this, but why shouldn’t allowing only registered guys to comment work? to stop spam I mean

    I’m pretty ignorant about this, but why shouldn’t allowing only registered guys to comment work? to stop spam I mean

    I’m having this same problem. The comment moderation is working great (together with the blacklist plugin). However, I’m getting HUNDREDS of e-mails asking me to approve or disapprove comments, and then I have to deal with hundreds of pending posts in the moderation interface.
    To solve this problem it should be possible to permanently ban certain posts based on certain criteria (URL, IP #, etc.) and have these automatically be deleted WITHOUT modernation!
    Even better would be if the system could somehow identify when multiple IDENTICAL posts are awaiting moderation and stop sending e-mails or requesting moderation for future similar messages.
    Another solution is to also not allow the same IP to post too often within a certain amount of time.
    Please – something!!!

    For no moderation, straight to rejection:
    install wpblacklist. however, do not activate the plugin. instead, drop the following code in the wp-comments-post.php file in the root of your wp installation directory, after the die( __(‘Error: please type a comment.’) ); line.
    $approved = True;
    $sites = $wpdb->get_results(“SELECT regex FROM blacklist WHERE regex_type=’url'”);
    if ($sites) {
    foreach ($sites as $site) {
    $regex = “/$site->regex/i”;
    // echo “Regex: $regex
    “;
    if (preg_match($regex, $url))
    $approved = 0;
    if (preg_match($regex, $email))
    $approved = 0;
    if (preg_match($regex, $comment))
    $approved = 0;
    if (preg_match($regex, $author))
    $approved = 0;
    }
    }
    if ($approved) {
    } else {
    die( __(‘Sorry, you have tripped my blacklist.’) );
    }
    flood protection by ip is already built into wordpress. to adjust the time between comment attempts by the same ip address, again edit the wp-comments-post.php file and scroll down until you see:
    // Simple flood-protection
    then, look for the following line:
    if (($time_newcomment – $time_lastcomment) < 10)
    by default, wp restricts comments by the same ip to every 10 seconds. if you want to expand the time between comment submittals for the same ip to say a minute, replace 10 with 60.

    Thanks! I’ll give that a try!

    you’ll need to use the new one at the link i provided.

    Thanks. I had gone to the link but (1) The documentation made it seem as if the version was older than the one I had installed. And (2) They don’t have clear instructions for how to uninstall the old version (with modBlacklist.php). Fortunately I was able to figure it out – I think.

    Yes, I tested it (by attempting to post a comment with a blacklisted URL) and it works. Thanks! Hopefully they can make an option so that this can be configured from within the plugin itself – rather than altering the code.

    Charle97,
    I tried your blacklist code above, but when I do this, I get a repeating string of errors, I’m guessing for each address it’s checking against in the blacklist:
    Warning: Unknown modifier ‘/’ in /Library/WebServer/stationinthemetro/wp-comments-post.php on line 50
    Warning: Unknown modifier ‘/’ in /Library/WebServer/stationinthemetro/wp-comments-post.php on line 52
    Warning: Unknown modifier ‘/’ in /Library/WebServer/stationinthemetro/wp-comments-post.php on line 54
    Warning: Unknown modifier ‘/’ in /Library/WebServer/stationinthemetro/wp-comments-post.php on line 56
    Then, at the bottom, I get more errors:
    Warning: Cannot modify header information – headers already sent by (output started at /Library/WebServer/stationinthemetro/wp-comments-post.php:50) in /Library/WebServer/stationinthemetro/wp-comments-post.php on line 112
    Warning: Cannot modify header information – headers already sent by (output started at /Library/WebServer/stationinthemetro/wp-comments-post.php:50) in /Library/WebServer/stationinthemetro/wp-comments-post.php on line 113
    Warning: Cannot modify header information – headers already sent by (output started at /Library/WebServer/stationinthemetro/wp-comments-post.php:50) in /Library/WebServer/stationinthemetro/wp-comments-post.php on line 114
    Warning: Cannot modify header information – headers already sent by (output started at /Library/WebServer/stationinthemetro/wp-comments-post.php:50) in /Library/WebServer/stationinthemetro/wp-comments-post.php on line 116
    Warning: Cannot modify header information – headers already sent by (output started at /Library/WebServer/stationinthemetro/wp-comments-post.php:50) in /Library/WebServer/stationinthemetro/wp-comments-post.php on line 117
    Warning: Cannot modify header information – headers already sent by (output started at /Library/WebServer/stationinthemetro/wp-comments-post.php:50) in /Library/WebServer/stationinthemetro/wp-comments-post.php on line 118
    Warning: Cannot modify header information – headers already sent by (output started at /Library/WebServer/stationinthemetro/wp-comments-post.php:50) in /Library/WebServer/stationinthemetro/wp-comments-post.php on line 119
    Warning: Cannot modify header information – headers already sent by (output started at /Library/WebServer/stationinthemetro/wp-comments-post.php:50) in /Library/WebServer/stationinthemetro/wp-comments-post.php on line 124
    Any ideas on why this is happening? I copy-pasted your code above, so there shouldn’t be any coding errors.
    Thanks.

    I’m getting these errors too! I just discovered that over the weekend after someone complained that their post wasn’t going through. It actually did go through and I was able to approve it from the moderation panel, but it would be nice not to have such an error message. Any idea how to fix it? I’m using 1.3 alpha 2.

    This works so well, I’d really like to get it to not display the error messages if it is possible to fix it.
    Just to clarify, I’m getting the exact same
    Warning: Unknown modifier '/'
    Warnings in the exact same lines. It seems to have to do with these lines of code (removing the intervening lines so as to just show those mentioned in the warning message):
    if (preg_match($regex, $url))
    if (preg_match($regex, $email))
    if (preg_match($regex, $comment))
    if (preg_match($regex, $author))
    Now, the term $regex seems to be defined here:
    $regex = "/$site->regex/i";
    I tried to remove first one, then the other slash, but it made things much, much, worse. Not sure what else I might try.

    Here is a temporary solution:
    Where it says:
    if ($approved) {
    } else {
    die( __('Sorry, you have tripped my blacklist.') );
    }
    Change it to this:
    if ($approved) {
    echo "<br/><br/><h1>Please wait for me to approve your comment. No need to resubmit. (And ignore those pesky 'warnings'.) Thanks!</h1><br/><br/>";
    } else {
    die( __('Sorry, you have tripped my blacklist.') );
    }
    It will appear after the warnings about backslashes, and before the warnings about modifying headers, but because it is encoded as a header, it should be quite clear and readable!

    i don’t know how to create the error, so i can’t help.

Viewing 15 replies - 1 through 15 (of 19 total)
  • The topic ‘WP Comment Spam Protection just works’ is closed to new replies.