DISQUS

Website
http://www.connectedinternet.co.uk/
Original page
http://www.connectedinternet.co.uk/2006/12/14/added-two-new-plugins-to-increase-wordpress-spam-protection/
Subscribe
All Comments
Community
Top Commenters
- Thilak Rao
  6 comments · 13 points
- AndyBeard
  11 comments · 4 points
- Michael Lankton
  102 comments · 1 points
- Michael Lankton
  92 comments · 2 points
- TheBuzzSaw
  3 comments · 1 points
Popular Threads
- Netbooks on their way out… official!
  22 hours ago · 1 comment
- Mobile phone GSM encryption cracked
  1 day ago · 1 comment
- What I’d Like In Windows 8
  1 week ago · 4 comments
- Top 2009 Money Makers- and Duds
  4 days ago · 1 comment
- The Number One Way To Amazing Headlines
  4 days ago · 1 comment

Connected Internet: Added Two New Plugins To Increase WordPress Spam Protection

Quix0r · 3 years ago

I have found a german post about this math-plugin. He found out that a spammer can very easy find out a hash and the matching result. So please add a "secret key" to your wp-config.php when not already done:

define('WP_SECRET', "wordpress-xxxxxxxx");

By xxxxx is something random typed by your finger-random-generator... ;-) And do never every expose this to public. :) Now you just need to add this to the plug-in code where it generates the code and where it compares it with the hidden one from the form.

If you like, add this code to the hashing parts as well:

filemtime(__FILE__).":".filemtime(ABSPATH . "wp-config.php");

This shall add more entropy to the hash. Finally add - when your blog support his - the number of views or reads of the current post plus title. This is much more secure against "guessing" the current hash.
Everton Blair · 3 years ago

Thanks Quix0r. I think I'll give this a go this evening, as although the amount of spam getting through to Akismet has fallen by around 95%, which means I can now catch the false positives, I want to stop the 5 spam comments per hour that are still somehow getting through.

Still it's better than the approx. 100 per hour I was getting, which was crazy. I haven't had any trackback spam though since adding the trackback validator which is fantastic.
Ajay · 3 years ago

I'm using Peter's Antispam on my blog. Going to give Math one a shot on Techtites :)
Quix0r · 2 years ago

On my blog I have now answered someone what to do next after you have created your key WP_SECRET in your wp-config.php script. Please have a look on it.
Quix0r · 2 years ago

Oh, and sorry for my bad english. :/
Cheryline · 1 year ago

spammers are very adapt to the new technologies and always try to find a way to hack your system and get their message across. You always have to stay above them at all times.
Michel · 7 months ago

That's funny... Looks like there is no more Math AntiSpam protection here, in this blog, and it also appears that the latest comments are (before this one)... pure spam! :)
Richard Cummings · 7 months ago

Yes, it looks as though the spammers have gotten to this article. Several comments above are clearly spam, but thanks for these updates on how to prevent spam. I'll have a look at each!

Website

Original page

Subscribe

Community

Top Commenters

Popular Threads

Connected Internet: Added Two New Plugins To Increase WordPress Spam Protection