19 Responses

  1. Ryan Hellyer
    Ryan Hellyer Published |

    I used Cookies for Comments for many years. It worked well. But it didn’t block everything.

    I ended up forking it (actually more of a rewrite) and creating a plugin which used JavaScript to set the cookie rather than an image, and also sets a string in an input field (via JavaScript). If that string is not present in the field when the form is submitted then the comment is marked as spam. The only downside to this is that it requires both cookies and JavaScript turned on for it to work, but that doesn’t affect many people. I also have a test version I’m working on which offers a CAPTCHA when JavaScript isn’t turned on, but it isn’t ready yet.

    Here’s the plugin:
    http://wordpress.org/plugins/spam-destroyer/

    And here’s an article written by Sarah Gooding about it last year:
    http://wpmu.org/spam-destroyer-really-works-to-kill-wordpress-spam/

    I have noticed a couple of sites which have quite extreme problems with spam. I don’t mean LOTS of spam, but the bots that are attacking them are able to parse both JavaScript and cookies. Those are thankfully relatively rare. I’ve so far only seen two cases of this and they were both on websites about SEO, which seem to be actively targeted by spammers. On those sites, using something like Akismet is necessary and sometimes even a CAPTCHA.

    Reply
    1. Ryan Hellyer
      Ryan Hellyer Published |

      I forgot to mention that my plugin is also a fork of the WP Hashcash plugin. The two can work alongside one another, but they’re more efficient as an integrated package (there’s no point in using an image to set a cookie if you are already requiring JavaScript for something else).

      I also heard about both WP Hashcash and Cookies for Comments from Otto originally. He mentioned them in the WP Tavern forum many moons ago and I started using them immediately. Individually they weren’t enough to block spam, but the combination of the two obliterated everything, hence why I made the fork/merger of the two.

      Reply
      1. Ryan Hellyer
        Ryan Hellyer Published |

        My plugin shouldn’t be any more effective at block spam than the two of them combined. It’s just slightly more efficient since I don’t need to serve an image as well as JS to trigger the cookie.

        I’m keen to hear any input you might have on it.

        I’ve been wrestling with why my test version of the plugin kept failing when I ran it on my live site. I realised yesterday that it was because I had the stable one network activated and my test version running alongside it :/

  2. Pramod
    Pramod Published |

    I would try this plugin mate ! Though i don’t receive as much comments as you get .. I do get a lot of spam comments ..This plugin would filter out the spam . Thanks for sharing the details .

    -Pramod

    Reply
  3. Daniel
    Daniel Published |

    I had the same problem – comment spam was getting out of control and I didn’t want to resort to captchas (or Akismet, for that matter). I wrote about the alternatives and what I think is a good solution here: http://daniemon.com/blog/block-comment-spam-without-captchas/

    I hadn’t heard about Cookies for Comments but my approach is similar, albeit with additional comment analysis and filtering. There’s a link to my plugin at the bottom of the blog post if you’re interested.

    Reply
    1. pinellaslivinggreen
      pinellaslivinggreen Published |

      The original Cookies for Comments offers the option

      Reply
  4. Sami Keijonen
    Sami Keijonen Published |

    I remember reading this story somewhere, not sure if it’s true or not.

    A spammer was revealed to a group of people. Group of people that was tired of authorities and decided to do something on their own. They waited for a while doing nothing and was kind of checking spammer out. They knew where he lived.

    After some time spammer took a two week holiday and “they” knew now it’s their time to attack.

    They ordered every free sample magazine and advert from every possible company across the country to spammer home address. After two weeks spammers corridor and mail box was full of chuck and ads. And it just kept coming more and more. And more and more.

    After two weeks spammer came back from his holiday and he was furious that who could ever do something like this! And new ads and sample magazine just kept coming more and more. And more and more.

    I hope the story is true.

    Reply
  5. Akismet Celebrates Huge Spam Blocking Milestone
  6. Otto
    Otto Published |

    I’m glad these are working for you and that modifications and improvement are continuing.

    Just be aware that CFC is a “club” solution to spam, while Akismet is a “lo-jack”. If you get that reference, then you will hopefully know exactly what I mean. Continual improvement is necessary, there is no final answer here.

    Reply
  7. El arte de rastrear, contextualizar (e incluso generar) debates - CoLabores
  8. Clangorous Intellect
    Clangorous Intellect Published |

    My tiny blog, which I shall not even name here, has yet to kick out at the world with any vigor. Still, given a fair likelihood of controversy when it enters infancy and then toddlerhood, I’ve been looking ahead. Spam seems to have become an extreme problem, and my anticipated, blaring political advocacy on behalf of individual liberty against arrogant, runaway statism will doubtless lead to spammers targeting my humble abode on the Web with garish advertisements for performance-enhancing substances of dubious provenance and various other huckerisms.

    This “Cookies for Comments” plugin now inhabits my recently reinstalled WordPress setup along with the other anti-spammer plugins that seemed upon research to be worthwhile: Bad Behavior, Akismet, Stop Spammer Registrations, Login LockDown, BruteProtect and even External Links to discourage the jerks who seek to slurp link juice from unsuspecting blogs. Needless to say, I also obtained API keys from Stop Forum Spam, Project Honeypot and BotScout. :)

    Admittedly, one does wonder at what point the growing crowd will bring a circus of stumbles as each plugin struggles for supremacy. Some functionality has already been duplicated, but no real problem has yet leaped from the woodwork with fangs dripping redly — knock on wood.

    Reply

Leave a Reply

By submitting a comment here you grant this site a perpetual license to reproduce your words and name/Web site in attribution.

Please use your real name or a pseudonym (i.e., pen name, alias, nom de plume) when commenting. If you add your site name, company name, or something completely random, I'll likely change it to whatever I want.

css.php