[thelist] PHP comment spam
Matt Warden
mwarden at gmail.com
Sat Dec 24 08:38:38 CST 2005
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Paul Waring wrote:
> I'm getting an awful lot of spam to my blog at the moment, but because
> I wrote the system myself there's no built-in comment spam prevention.
> Does anyone know of a good PHP function/class that I can pass the
> comment text to and get a "spam score" (a bit like SpamAssassin does
> for email), which I can then use to decide whether to accept, moderate
> or delete the comment? I don't really want to try and pull the comment
> spamming code out of something like WordPress as it's probably too
> integrated with the rest of the system.
But it wouldn't hurt to take a look at WP does it. I get *zero* spam
comments that get auto-approved, using the combination of these options
in WP:
1) comments with greater than X links in it are automatically deleted
2) comments posted by an author who has not had a previous comment
approved are put in the moderation queue
I am not sure of the details of #2 (it's probably based on email
address, which is required but not visible on the site).
Anyway, #1 would be easy for you to implement. You could also calculate
a ratio of how much of the comment is linked text and how much is
unlinked text. I don't think you can get by without using a moderation
queue.
Your other option is to use CAPTCHA (the type-what-you-see-in-the-image
stuff), which will probably hold of spam robots for quite a while. You
just have to make sure you get a CAPTCHA system that produces images
that your human users can read (sometimes CAPTCHA systems generate
random disfigurements and make it impossible to read by both human and
computer).
- --
Matt Warden
Miami University
Oxford, OH, USA
http://mattwarden.com
This email proudly and graciously contributes to entropy.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFDrV1urI3LObhzHRMRAjOTAKCof/jTaG4limJiVhCjTP3qLGr1lQCg9e7R
UzO5MJ/TjmTozWDfzOY9op4=
=MGEu
-----END PGP SIGNATURE-----
More information about the thelist
mailing list