http://connectedinternet.disqus.com/The latest tech news, reviews and discussionenSun, 24 May 2009 11:18:49 -0000http://www.connectedinternet.co.uk/2006/12/14/added-two-new-plugins-to-increase-wordpress-spam-protection/#comment-15278879<p>Yes, it looks as though the spammers have gotten to this article. Several comments above are clearly spam, but thanks for these updates on how to prevent spam. I'll have a look at each!</p>Richard CummingsSun, 24 May 2009 11:18:49 -0000http://www.connectedinternet.co.uk/2006/12/14/added-two-new-plugins-to-increase-wordpress-spam-protection/#comment-15278878<p>That's funny... Looks like there is no more Math AntiSpam protection here, in this blog, and it also appears that the latest comments are (before this one)... pure spam! :)</p>MichelSat, 23 May 2009 07:12:51 -0000http://www.connectedinternet.co.uk/2006/12/14/added-two-new-plugins-to-increase-wordpress-spam-protection/#comment-15278877<p>spammers are very adapt to the new technologies and always try to find a way to hack your system and get their message across. You always have to stay above them at all times.</p>CherylineTue, 12 Aug 2008 12:08:51 -0000http://www.connectedinternet.co.uk/2006/12/14/added-two-new-plugins-to-increase-wordpress-spam-protection/#comment-15278876<p>Oh, and sorry for my bad english. :/</p>Quix0rSat, 17 Feb 2007 10:48:53 -0000http://www.connectedinternet.co.uk/2006/12/14/added-two-new-plugins-to-increase-wordpress-spam-protection/#comment-15278875<p>On my blog I have now answered someone what to do next after you have created your key WP_SECRET in your wp-config.php script. Please have a look on it.</p>Quix0rSat, 17 Feb 2007 10:47:40 -0000http://www.connectedinternet.co.uk/2006/12/14/added-two-new-plugins-to-increase-wordpress-spam-protection/#comment-15278873<p>Thanks Quix0r. I think I'll give this a go this evening, as although the amount of spam getting through to Akismet has fallen by around 95%, which means I can now catch the false positives, I want to stop the 5 spam comments per hour that are still somehow getting through.</p><p>Still it's better than the approx. 100 per hour I was getting, which was crazy. I haven't had any trackback spam though since adding the trackback validator which is fantastic.</p>Everton BlairThu, 14 Dec 2006 06:01:33 -0000http://www.connectedinternet.co.uk/2006/12/14/added-two-new-plugins-to-increase-wordpress-spam-protection/#comment-15278872<p>I have found a german post about this math-plugin. He found out that a spammer can very easy find out a hash and the matching result. So please add a "secret key" to your wp-config.php when not already done:</p><p><code>define('WP_SECRET', "wordpress-xxxxxxxx");</code></p><p>By xxxxx is something random typed by your finger-random-generator... ;-) And do never every expose this to public. :) Now you just need to add this to the plug-in code where it generates the code and where it compares it with the hidden one from the form.</p><p>If you like, add this code to the hashing parts as well:</p><p><code>filemtime(__FILE__).":".filemtime(ABSPATH . "wp-config.php");</code></p><p>This shall add more entropy to the hash. Finally add - when your blog support his - the number of views or reads of the current post plus title. This is much more secure against "guessing" the current hash.</p>Quix0rThu, 14 Dec 2006 05:43:48 -0000