I’m about to say one of the very few things I have ever posted here which probably every one of my (legitimate human) readers will be able to agree with:
And to be quite honest, I’m getting sick of it. I think a lot of people simply get sick of dealing with the spam, but it’s getting to the point that having to look at comment spam here and on the other blogs I maintain is sickening.
I log in to my spam filter knowing that there’s going to be at least some comments that need purging, but I do so hoping that they are of the variety, “Great blog post. Check my link. Happy Thursday,” and so on. At least those I can scan over and not feel as though my eyes need bleaching. Rarely are those the only bits of garbage in the can. It’s the large chunks of fetid, festering filth that have motivated me to think about better spam protection here on the blog.
And I wanted to do this with as little fuss as possible:
- Plugins which simply send spam to the moderation queue are pointless here — I don’t want to have to deal with it at all; a moderation queue requires, well, some moderation in order to prevent spam (read: legitimate comments) from being blocked.
- WordPress offers built in moderation and blacklist lists within which common spam words can be added. Comments which match something in the moderation list will be held for moderation, while comments which match anything in the blacklist will be deleted on the spot. I like this idea, but maintaining such a list has got to be a pain in the butt, and I can imagine all sorts of discussions — such as comments concerning anti-spam solutions — which may make use of any number of spam words. I don’t want to hurt legitimate users!
So what to do?
I’ve heard it mentioned many times before, and it suddenly started sounding like a good idea: simply rename the
/wp-comments-post.php file to something else, and spam bots will no longer be able to post.
So that’s what I did. There was only one line of code which I had to change as well. In the
/comments.php of my theme, I had to adjust the address for the commenting form. The bit of code that needed changed looked like this:
So I edited that to match the new filename I had chosen, saved it, and uploaded. After a test comment to make sure everything was kosher, I breathed a sigh of relief, thinking everything would be smooth sailing — though I’d still receive trackback spam, I’m sure, but that’s another subject for another time.
Still the spam comes in. Evidently, spam bots are being more intelligently written; I checked my host’s access logs and noticed that the spammers are loading posts first and submitting the spam in a very legitimate looking way. That sucks.
Perhaps my change will slow the influx of spam. I can hope, right?
I’m curious if anyone else has any ingenious little antispam tweaks in place on their sites? It doesn’t have to be specific to WordPress; I don’t have access to my Apache
httpd.conf, but I certainly can tweak around in