[thelist] PHP comment spam

Matt Warden mwarden at gmail.com
Sat Dec 24 08:38:38 CST 2005

Hash: SHA1

Paul Waring wrote:
> I'm getting an awful lot of spam to my blog at the moment, but because
> I wrote the system myself there's no built-in comment spam prevention.
> Does anyone know of a good PHP function/class that I can pass the
> comment text to and get a "spam score" (a bit like SpamAssassin does
> for email), which I can then use to decide whether to accept, moderate
> or delete the comment? I don't really want to try and pull the comment
> spamming code out of something like WordPress as it's probably too
> integrated with the rest of the system.

But it wouldn't hurt to take a look at WP does it. I get *zero* spam
comments that get auto-approved, using the combination of these options
in WP:

1) comments with greater than X links in it are automatically deleted
2) comments posted by an author who has not had a previous comment
approved are put in the moderation queue

I am not sure of the details of #2 (it's probably based on email
address, which is required but not visible on the site).

Anyway, #1 would be easy for you to implement. You could also calculate
a ratio of how much of the comment is linked text and how much is
unlinked text. I don't think you can get by without using a moderation

Your other option is to use CAPTCHA (the type-what-you-see-in-the-image
stuff), which will probably hold of spam robots for quite a while. You
just have to make sure you get a CAPTCHA system that produces images
that your human users can read (sometimes CAPTCHA systems generate
random disfigurements and make it impossible to read by both human and

- --
Matt Warden
Miami University
Oxford, OH, USA

This email proudly and graciously contributes to entropy.
Version: GnuPG v1.4.1 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org


More information about the thelist mailing list