Innovative WordPress Spam Blocking

Posted on May 4th, 2007 in General by Brandon

I’ve been getting tons of spam comments lately and am getting tired of deleting them. Today I had to scroll through over a hundred of them and pick out the one or two legitimate comments before deleting the rest. I already have BadBehavior installed, but its not catching any of these, which makes me think that the spam robots know how to get around it.

So, I went on a hunt to find a good another good spam prevention tool. On, I came across one called JSSpamBlock that had a pretty good idea. Essentially, it creates an extra textbox on the comment page. If you have JavaScript enabled, it uses JavaScript to populate that box with the answer and hide it. If a user doesn’t have JavaScript enabled, then they are instructed to copy a number into the box.

The result is a spam protection scheme that is invisible to the average user. Yet spam robots won’t know how to execute the JavaScript to bypass it.

As an added security, I modified the jsspamblock.php file to change the name of the input field. I figure that it would be easy enough to modify a spam robot to look for this particular plugin. But since I modified the input field, hopefully even attempts to do that will not leave my site vulnerable. To make the same change on your installation, just replace all instances of ‘jsspamblock_input’ with something unique to your site.

3 Responses to 'Innovative WordPress Spam Blocking'

Subscribe to comments with RSS or TrackBack to 'Innovative WordPress Spam Blocking'.

  1. Brandon said,

    on May 5th, 2007 at 7:47 pm

    It’s now been a couple days since installing this plugin, and I have gotten zero spam posts. I’d say that it is working quite well and I’m very pleased.

  2. Paul said,

    on May 6th, 2007 at 3:25 pm

    Glad to see it’s working well for you. Good idea with the field name change, perhaps I will incorporate that in a future version.

  3. on May 21st, 2007 at 12:21 pm

    […] recently, I got a comment from Brandon Checketts, who had modified JSSpamBlock so that the comment field names were different than the defaults. The reason was that even if spam […]

  4. on May 6th, 2012 at 10:17 pm

    […] a friend of mine mentioned in his blog that he used Paul Butler’s JSSpamBlock plug-in with his WordPress blog […]

Post a comment