-
Notifications
You must be signed in to change notification settings - Fork 12
Spam Blocker
A number of WordPress spam blocking plugins send comment data to a third party service to check for spam. This is so that they can use machine learning or other automated checks - however this doesn't respect users privacy. So I have built a very simple spam blocker.
The spam blocker does the following things.
The comment blacklist is an automated method for blocking keywords that is surprisingly powerful. I have updated the blacklist to use the content from the WordPress Comment Blacklist.
Checks a hidden url field to see if any content has been added.
Checks a hidden key field to see if the automated key has been changed.
On form submit javascript adds a new field that must exist. This has the side-effect of requiring users to have javascript enabled, however if they don't the comment will be added to the spam folder so can still be approved. Inspired by this post from David Walsh, but uses a slightly different approach.
In my experience this spam blocker stops roughly 95% of spam comments. I'd say this is a pretty good rate considering it doesn't use a third party learning algorithm. If you get any repeated spam comments then you can do one of two things to improve the rate.
- Report the spam message on the WordPress comment blacklist project. Once merged the list will automatically update on your site.
- Add a keyword (I like to block spammy urls and email addresses) in the Settings > Discussion > Disallowed Comment Keys section of the WordPress admin.
The Toolbelt spam checker should be fine for most needs, but if you need something more robust then you may like:
Toolbelt is built by Ben from Pro Theme Design.