New Spam Protection Plug-Ins
- 30 Comments... Click to Contribute
I just completed installation of a new WordPress plug-in to protect this blog from comment spam and another plug-in to protect against trackback spam.
I am now using Math Comment Spam Protection Plug-in which adds an additional input field to the comment area where you have to do a basic maths equation in order to approve your comment. I have no idea how effective this will be but the claim is that it protects against all non-human comment spam. It’s certainly a simple solution and I hope it works well.
I’m sorry if your basic math is not good – you might need to have a calculator handy if you want to comment on my blog 
.
This replaces the Spam Karma plug-in I was using, which wasn’t too bad at catching spam, however I wasn’t too happy with the captcha process and some spam was getting through every day.
I also installed the Trackback Validator plug-in which protects my blog from malicious trackbacks.
Thanks to SeoPedia for the heads-up about these plug-ins.
Subscribe to Entrepreneurs-Journey.com
Free with subscription
"How To Start An Internet Business
& Make Your First $1000 Onine"
Forward to Friend
Email a copy of this article to a friend
Loading ...Comments
Leave a comment
Trackbacks
-
1
[...] Well it didn’t last long. You may remember at the end of October I switched to the math comment spam protection system. Unfortunately for the last two weeks I have been waking up to about 100 spam comments which must be smart enough to do basic math. [...]
I don’t see this as being very effective. Since the math is in html and not an image it would be easy to create an application to do the math as it autosubmits the spam.
Akismet works like a charm for me.
The ones I like the best are the ones that show you a coloured box and ask you to describe what colour it is
4+7 is 11 right?!
I’m also very happy with Askimet, though it does let the random spam comment through once in a while. As far as impenetrable captchas go, however, http://www.hotcaptcha.com/ is pretty hacker safe
But due to the variability of the answer it makes it a programmatically difficult thing to do so is in fact quite a good filter.
And what if you’re colour blind or can’t see?
Good thing you’re letting readers know about this – I’ve never seen the math validator so I’d be wondering what it was otherwise…
What variability? Every computer on earth can solve a simple addition question…it doesn’t matter that the numbers change, it is still a + b = c and this puzzle can be solved by a computer with 100% accuracy. That’s why they went to the image type human verification systems.
Read the requirements for a good CAPTCHA, this system does not meet them.
Well, I use this one as well, and ever since I implemented it I have not seen any spam. I guess it is true that any computer can get a + b and add the numbers with complete accuracy, but it would have to be intelligent and ALL websites would have to have “Sum of a + b ?” so that they can scan that. I could just change to Addition and take away the question mark. Make it to where they still have to guess. But great point on that. I had not considered that, and I am a programmer.
I use a combination of things, but the biggest spam protection I use is the worst offendors extension to Akismet from http://boakes.org/ that will give you a list of frequent spammers.
If I see the same IP address more than once in my frequent spammers list, then I add that IP address to deny access to my website. It’s cut my spam attempts on my site to about 5% of what they were before I started doing that.
I have no idea how effective this plug-in will be but I will give it a go and see what happens. If no luck back to Akismet and I’ll try that extension suggestion from Blaine too.
Obviously, but that’s not the point. Most common blogging systems have a script that captures free form text in a fairly predictable format. Adding a non-free form text requirement to a commenting system with a unique form name makes it a more difficult process. What it then means is that the spam harvester can only attack the comments form with a direct scrape of the form every time. This isn’t productive from a spamming point of view so harvesters tend to deal with default installations of the usual suspects such as MT, WP, TP etc because they know the fields in advance.
Whichever way you slice it, image based captcha isn’t accessible. Screen selectable/readable text is.
I use a JavaScript system which looks for keystrokes before posting. It also has a noscript fallback to email comments to me. I have successfully eliminated spam 100%. It’s also degradable, functional and should be accessible.
Or, once the plugin is better known, submit each comment 20 times with mcspvalue=1, 2, 3 etc. No scrape required.
I see it as a temporary ploy until enough people are using it so that it becomes “profitable” to add it to the spam submission applications.
Brilliant, where do I get it?
That’s its downfall. It’s an arms race.
Unfortunately, it’s a hybrid of a Movable Type plugin available at MT Keystrokes but in principle it’s easy to port if you know your PHP and JavaScript.
I have seen people like Matt Cutts using the maths plug-in for quite some time, so I guess it should be effective. In Wordpress options (discussion) you can prevent others from pingbacks and trackbacks – so there is no really need of any plugin to do that.
The only spam getting through is from a damn breast enlargement spammer – this one got through Spam Karma too – I’m going to ban the IP.
Besides that – all good!
However, one MAJOR difference – I woke up to 24 comments that required approval, 15 of which were legitimate comments. I have not had that many over night in a long time and I’m beginning to think that Spam Karma may have deleted A LOT of my legitimate comments in the past.
I am now convinced that I’m probably missing hundreds, if not thousands of LEGITIMATE comments from the past 6 months or so I have been using Spam Karma. That makes me sad
It’s all good now. Just go and cry yourself to sleep, and come back tomorrow strong
Bad karma for Spam Karma
I use the default plugin akismet that comes with wordpress. It is good enough for me as of now as I don’t receive so much spam. But sometimes it flags my own comments as spam
I think the Image verification is the best option as Jamsi suggested. This one also may work, but it can be passed by spammer.
Wow i get the easy math questions (3 + 4)
I’ve actually installed this to my site. I didn’t have any spam protection before but now i am testing this to see how well it works. I had like 62 pieces of spam in the last 24 hours so i hope this clears up my problem. Cheers Yaro and thanks for the link/plugin!
Lucas
It’s a great method of protection, i’ve seen it before but now i know where i can get it.. thanks alot
poor idea for people who suck at math
j/k but it’s a great plugin i know and talked to some people who use it aswel and they’r very happy about it
For the moment it might work, but it by far more easier to crack then any captcha image.
I tried to make a comment on a site because which wanted me to find the sum of the root number etc. I could not figure it out an it was a genuine comment I wrote out and had questions and everything. Can the Spam filters figure this one out or is it manual spam that you were getting?
i’m using akismet …
but i still get more than 50 spam comments lik everyday …
damn them spammers …
I have not had that many over night in a long time and I’m beginning to think that Spam Karma may have deleted A LOT of my legitimate comments in the past.
I hope we don’t start seeing more and more sites with 2 different captcha / questions. I remember seeing at least one like that. I think that would be the simplest and most effective, but terribly annoying.
I have found the math captcha is more thourough than some of the others I have tried for forms in both Joomla, and WordPress. Less slip through, but also less submissions. I too hope we don’t start seeing 2 verify items per page, PITA.
both image captchas and math aren’t too good – spammies will get through quite easily. There are some better systems however if someone is a maniac ; )
check out – http://www.thepcspy.com/contact ; -)))
I’ve seen a nice one some time ago which presented two random pictures from flickr (of course someone had to pick and sort thousands of them) and asked questions like – which one is older? or which one is faster? or which one is more expensive? – this one is a bit hard to be beaten by a quickly prepared bot and easy to use by the user.
Someone said a nice thing a few comments above – when it gets profitable to create a bot to defeat a certain system it will certainly be done – just matter of time – i’ll add that the best solution is to switch to a different system when the old one stops working – we have to be active to fight spammers