I was reading about this antispam plug in
sw-guide.de/wordpress/plugins…am-protection/
but I think it’s overkill – encryption? why? Spam bots can’t think, let alone read and comprehend, and answer what it can’t read and comprehend.
A PHP programmer helped me out with this code
<?php
if (isset ($_POST['submit'])) {
$answer = $_POST['answer'];
if (!empty ($answer)) {
if ($answer == 8) {
// answer IS 8
header (‘location: http ://yoursite.com’);
} else {
// answer is NOT 8
header (‘location: http ://google.com’);
}
} else {
// no answer was given
echo ‘You must enter the Answer!’;
}
} else {
echo ‘<form method="POST" action="bot.php">
<label for="answer">5 plus 3= (Required – protects website from spam bots)</label>
<input type="text" value="" name="answer" id="answer" />
<input name="submit" value="enter answer" type="submit" />
<div class="clearfix"></div>
</form>’;
}
?>
where If "answer" does not = 8 (or some other constant), go to mysite.com or something to throw the bots off course or have it erase the inuputted answer and ready for another answer/try.
If "answer"=8 then go to next line.
I read that spam bots will fill in all fields, but others say spam bots can tell when a quiz question is being asked. Maybe the variable for the quiz question should be "zip code" or something to throw off the bots.
I used 8 for an answer, but 8 should be a string and not an integer in order to ad flexibilty to changing the question, so the the question can be changed to something like – what is the 5th month of the year.
Any thoughts?
Thanks Jim,
Roger
Hi Roger,
Here are the steps to take to prevent comment spam in WordPress and it’s worked great so far!
1) Rename the wp-comments-post.php to something else, wp-comments-post-ns.php for example with ns (no spam).
2) Open wp-comments-post-ns.php (the file you just renamed) and look at line 30, you should see this (it may be on a line close to 30 depending on your version of WP):
$comment_content = trim($_POST['comment']);
Right under that line, add this:
$comment_verify = strtolower(trim($_POST['verify']));
This new line of code trims (strips away) and whitespace and also converts any text that the visitor entered into lower case; this will make it easier for use to verify user input later.
Now, with the file still open in your editor, look for the following, which should be located around line 45.
} else {
if ( get_option(‘comment_registration’) )
wp_die( __(‘Sorry, you must be logged in to post a comment.’) );
}
Replace it with this:
} else {
if ( get_option(‘comment_registration’) )
wp_die( __(‘Sorry, you must be logged in to post a comment.’) );
if ( $comment_verify != ‘december’ )
wp_die( __(‘Sorry, you must correctly answer the "Boat" question to post a comment.’) );
}
Save your changes and close the file you are working on. This new code will make sure that the user entered the answer to the question we are going to present them below.
3) open the comments.php file found in your theme directory, such as wp-content/themes/default/comments.php
Find this line: <form action="ht tp: //yourdomain.com/wp-comments-post.php" method="post" id="commentform">
Replace it with <form action="ht tp: //yourdomain.com/wp-comments-post-ns.php" method="post" id="commentform">
That takes care of the bots submitting to wp-comments-post. Now, we’ll add a question to the comment form, something like
Jim,
Thanks for the help !! The login code related to "Sorry, you must be logged in to post", does this mean that with this method people would would have to first register, then login in ordr to post? I really don’t want that requirement just yet. I still like my idea of asking the person a question a spam but can’t answer, requiing the person to hit an enter buton to enter their answer before moving on to entering their name, email, etc.
Thanks,
Roger
Hi Roger,
No, it does not mean they have to be logged in to post a comment. I use this same code on my Spider site. Try it, you’ll like it
Best regards,
Jim.
Jim,
That’s some great programming now that I understand it a littel better. Aren’t you amazed when you still get a bot or two? That’s pretty good programming too.
Roger
I am suprised when I get a bot or two because that means someone took the time to visit my site, find the right filename and add it to the list.
One note here on this method of removing spam comments from WordPress is that when you upgrade WordPress, you’ll need to delete the old wp-comments-post.php file and then rename the new one and make the modifications again.
Best regards,
Jim.
Jim,
Updating wordpress is enough of an ordeal, then doing these modification over each time wordpress updates is too much. I think I’m going to try using only the second part (Q/A) at first and see how it goes; robots just can’t answer real questions so the spam author will have to visit the site determine the answer to get through as you were saying.
Thanks,
Roger
Hi Roger,
That’s why they ask that you only modify the themes and not the actual code. The spam filer alone should work well for most sites.
Best regards,
Jim.