Help creating a comment filtering script to stop spammers

  • My site gets an annoying amount of comment spambots. I’ve tried a number of plugins, which haven’t made much difference.

    For a while, I had some luck using WordPress Hashcash, which filters comments with no referrer field — indicating they were made with a script that bypasses the form. However, that’s no longer working well, indicating spammers have figured out some way to spoof it.

    A lot of the spam comments I get have an entry in the URL field, which definitely indicates they were made by a script; my comment form doesn’t include a field to let people enter a website. I was thinking I might be able to cut down the number of spam comments with some kind of function (in functions.php) to move new comments to the trash if the URL field is not a null set. However, I’m not a programmer and the syntax for that is beyond me.

    Has anyone had any luck with this kind of script? Any suggestions?

Viewing 6 replies - 16 through 21 (of 21 total)
  • Thread Starter Ate Up With Motor

    (@ate-up-with-motor)

    I already have a similar rule in the .htaccess file, except that the RewriteRule is

    RewriteRule ^(.*)$ - [F]

    This has not stopped some spam comments that clearly were not submitted using the form. They show the referrer ID correctly, but contain a non-null value in the website URL field, which again the comment form does not allow users to enter.

    Moderator James Huff

    (@macmanx)

    No, that one line really is not in any way similar to the eight lines posted above, and it would never stop spam.

    Really, honestly, try the .htaccess code posted above. We really can’t help you at all if you won’t even try the solutions we propose here.

    Thread Starter Ate Up With Motor

    (@ate-up-with-motor)

    You’re not reading what I said. The code in my .htaccess file is identical to what you posted above except for the final line. To whit:

    <IfModule mod_rewrite.c>
	RewriteEngine On
	RewriteCond %{REQUEST_METHOD} POST
	RewriteCond %{REQUEST_URI} .(wp-comments-post|wp-login)\.php*
	RewriteCond %{HTTP_REFERER} !.*(example.com|jetpack.wordpress.com).* [OR]
	RewriteCond %{HTTP_USER_AGENT} ^$
	RewriteRule ^(.*)$ - [F]
</ifModule>

    That rule has been in place for months; it’s added as part of AskApache.

    Moderator James Huff

    (@macmanx)

    All 8 lines are added by AskApache? Including the jetpack.wordpress.com? That seems odd, considering that I only started adding jetpack.wordpress.com to my replies here less than a month ago.

    Well, if that is indeed what you have, all I can say is stick with that and Akismet, they work quite well for me. There is no single golden solution. If there were, we wouldn’t have 100+ anti-spam plugins and tutorials.

    Thread Starter Ate Up With Motor

    (@ate-up-with-motor)

    It’s either from AskApache or iThemes Security — I’d have to look again to see which added it. In any case, I went to add those lines a few months ago and realized they were already present.

    I am not asking for a “single golden solution.” What I’m interested in doing specifically — which none of this has addressed at all — is creating a function to disallow any comment in which the website URL field has any non-null value.

    As I said originally, I do not provide users with any means to enter a website URL. Ergo, if a comment contains a value in that field, the comment has been made using some means other than the comment form and therefore is definitely spam.

    I would like to create some means by which any comment that meets those criteria goes automatically to spam or just to the trash. I understand approximately how that needs to work, but I’m not a programmer and don’t know how to write it and I don’t know of any plugin that performs that specific task.

    If you don’t know the answer, that’s fine — neither do I. I’m not looking for a lecture on general spam reduction techniques, I’m not looking to recreate methods I already have in place, and I don’t need a plug for Akismet or other plugins that don’t do the specific think I’m asking about.

    I think that what Ate Up With Motor actually means to say is:

    “James,thank you very much for your time and effort in trying to help, even though it wasn’t the answer I was looking for.”

Viewing 6 replies - 16 through 21 (of 21 total)
  • The topic ‘Help creating a comment filtering script to stop spammers’ is closed to new replies.