UPDATE:
I’m leaving this post in place for historical purposes, but quite a while ago I dropped AuthImage in favor of Spam Karma (link no longer relevant), which seems to do an excellent job of blocking pretty much all my comment spam.
UPDATE THE SECOND:
I’m no longer updating this post to talk about the latest way I’m battling spam here at Sliding Constant (not because I fear the reaction, but because it’s something that changes a lot, and I don’t feel like repeatedly updating this entry). So, as before, I’m leaving this entry in place for historical purposes, but it won’t be updated.
I’ll be honest: comment spam really hasn’t been that big of a problem here on Sliding Constant. So far, I’ve been able to filter almost all of it into my moderation queue just by adding some stuff to my blocked words list.
However, I just really hate the idea that some automated bot can so easily create more work for me to do (namely, reviewing my moderation queue). The last straw, so to speak, was when other friends of mine had to shut down commenting on their site because of massive moderation queues. So, I decided today to follow up on something that I had thought about before (and that another friend Rick confirmed was possible in WordPress).
Enter the AuthImage plugin (link no longer relevant). This little gadget uses a type of visual “puzzle” called a captcha, which requires the commenter to enter the letters he/she sees in an image in order to post the comment.
Unfortunately, this method excludes potential commenters who are unable to view the image (images disabled, text browser, blind user, etc.). However, since my commenters are a pretty small group anyway, I’ve decided that I’m willing to trade the likely zero drop in legitimate comments for not having to deal with comment spam.
2 replies on “Battling Comment Spam”
I’m still hopeful for the day—which won’t occur in 1.3, from all I can tell—that there’s per-site user registration available. At that point, I will automatically throw all unregistered comments into a moderation queue and approve as I see fit.
This is not to say that I’m so motivated as to publish code to do same, because I’m not. 🙂
I think that’s where you and I are different, Geof. My problem isn’t that I can’t find a way to put the spam in the moderation queue. My problem is that I have a fundamental objection to the whole concept of having to moderate spam. I freely admit that my moderation load hasn’t been too bad so far. I’m just being oinery. However, Kat and Sean have found out just how crappy moderation can get.
If the spambots find a way around the captcha (unlikely, since I have some more tricks that I can transplant in from some other captcha software I found if necessary), registration is the next step. If I do that, it will be a registered-commenters-only affair. I did a little bit of research on that yesterday as well and found something else interesting: sxip.com (link goes to a page on archive.org). This service has the possibility of allowing multiple sites to share registration information. I don’t know yet if it’s a good fit, but it looks intriguing.