Forum Replies Created

Viewing 6 replies - 31 through 36 (of 36 total)
  • Forum: Plugins
    In reply to: 2KB Anti-SPAM plugin
    Thread Starter truden

    (@truden)

    I’m looking for ten volunteers to test the plugin.
    You must have basic knowledge of editing files.
    One WP file and one theme file must be edited with one line in each.

    Send me a link to a page in your WP weblog where I can find your email address. (The page must be made specially for the request and must contain the “Truden” name in it.)

    The plugin can work with Akismet and SpamKarma (can work without them as well) and does not affect any other plugins.
    Since I installed it, not a single spam has gone through.

    The first ten volunteers will have it for testing.

    Forum: Plugins
    In reply to: Lightbox Plugin not working

    Normally it is because of prototype.js.
    Use the file provided with Lightbox.

    You don’t need a plugin for that.
    Make a new class in your CSS and assign it to the “source link” (if you want it to look different).
    Of course WordPress will send a ping to the source blog like it does for all the links in your blog topics.

    Thread Starter truden

    (@truden)

    So-o-o… The investigation developed and I got some results.
    This topic is not about using or not using captcha.
    It is not about which plugin to use for stopping SPAM.
    It is about a weakness in WordPress, allowing spammers to avoid the comment form.

    Yes, in my case the comment form, which POSTs the comment, was bypassed.
    I found it out when a comment was inserted without generating an image (generated security images in TruBar are recorded in the DB).

    After I discovered that, I did some research on the Internet and found this code:

    // Reject requests that carry no User-Agent header at all.
    if (!isset($_SERVER['HTTP_USER_AGENT'])) {
        die("Forbidden - This page is for normal browsers only");
    }
    // Reject anything that is not a POST request.
    if ($_SERVER['REQUEST_METHOD'] !== "POST") {
        wp_die("Forbidden - You can post from my form only!");
    }
    // Host names from where the form is authorized
    // to be posted from:
    $authHosts = array("yourdomain.com", "yourotherdomain");
    // Where have we been posted from? (The Referer header may be absent.)
    $referer = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';
    $fromArray = parse_url(strtolower($referer));
    $fromHost = (is_array($fromArray) && isset($fromArray['host'])) ? $fromArray['host'] : '';
    // Test to see if the referring host starts with "www.".
    $wwwUsed = (strpos($fromHost, "www.") === 0);
    // Make sure the form was posted from an approved host name.
    if (!in_array($wwwUsed ? substr($fromHost, 4) : $fromHost, $authHosts, true)) {
        wp_die("Forbidden - No, No, No!");
    }
    // Strings that must not appear in any POSTed value:
    $badStrings = array(
        "spamword1",
        "spamword2",
        "spamword3");
    // Loop through each POST'ed value and test if it contains
    // one of the $badStrings (array values are skipped):
    foreach ($_POST as $k => $v) {
        foreach ($badStrings as $v2) {
            if (is_string($v) && strpos($v, $v2) !== false) {
                wp_die("Forbidden - You have used BAD SPAM words! Clean your language and come back again.");
            }
        }
    }
    // free up used memory
    unset($k, $v, $v2, $badStrings, $authHosts, $referer, $fromArray, $fromHost, $wwwUsed);

    After I inserted it in wp-comments-post.php the “clever spam” stopped.

    Next step is to make TruBar intelligent enough to know on which comment to appear.

    Thank you for your answers.
    My answer is: You don’t need heavy anti-spam plugins.
    TruBar is only 6KB and stops all the SPAM.

    P.S. TruBar is not released and I’m not sure if I’ll ever release it. DO NOT ask me for it.
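
Added example, not part of the original post and not code from TruBar or WordPress: the User-Agent and Referer headers checked in the snippet above are supplied by the client, so a server-issued signed token placed in the comment form is a stronger proof that the form was rendered before the POST arrived. `FORM_SECRET`, the two function names, the age limits and the sample post ID are assumptions made for illustration.

```php
<?php
// Added example; FORM_SECRET and both function names are hypothetical.
const FORM_SECRET   = 'replace-with-a-long-random-secret'; // placeholder value
const TOKEN_MIN_AGE = 3;    // seconds (assumed): faster than a person can type
const TOKEN_MAX_AGE = 3600; // seconds (assumed): stale forms must be reloaded

// Call while rendering the comment form; put the result in a hidden field.
function issue_form_token(int $postId, ?int $now = null): string
{
    $issued = $now ?? time();
    $nonce  = bin2hex(random_bytes(8));
    $data   = $postId . '|' . $issued . '|' . $nonce;
    return $data . '|' . hash_hmac('sha256', $data, FORM_SECRET);
}

// Call at the top of the POST handler, before the comment is stored.
function verify_form_token(string $token, int $postId, ?int $now = null): bool
{
    $parts = explode('|', $token);
    if (count($parts) !== 4) {
        return false; // token missing or malformed
    }
    [$tokenPost, $issued, $nonce, $mac] = $parts;
    $expected = hash_hmac('sha256', "$tokenPost|$issued|$nonce", FORM_SECRET);
    if (!hash_equals($expected, $mac)) {
        return false; // altered, or forged without the secret
    }
    if ((int) $tokenPost !== $postId) {
        return false; // issued for a different post
    }
    $age = ($now ?? time()) - (int) $issued;
    return $age >= TOKEN_MIN_AGE && $age <= TOKEN_MAX_AGE;
}

// Constructed demonstration with a fixed clock and a made-up post ID.
$t0    = 1700000000;
$token = issue_form_token(42, $t0);
$cases = [
    'form rendered, posted after 30 s' => verify_form_token($token, 42, $t0 + 30),
    'direct POST with no token'        => verify_form_token('', 42, $t0 + 30),
    'token reused on another post'     => verify_form_token($token, 43, $t0 + 30),
    'posted 1 s after rendering'       => verify_form_token($token, 42, $t0 + 1),
];
foreach ($cases as $label => $accepted) {
    echo $label, ': ', $accepted ? 'accepted' : 'rejected', PHP_EOL;
}
```

A valid token can be replayed until it expires; recording each nonce server-side on first use makes it single-use.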

    Thread Starter truden

    (@truden)

    Sorry, I did not mention that I’m using “Trackback validator”. It is very good at stopping trackback comments.
    Of course I know Akismet and Spam Karma 2. I used them before installing TruBar.

    I was having the same problem with the cache.
    Thank you, BHBuck.
    I would not think of moving that line to the middle of the file.

    Now it works.
