WordVerify
I have hacked up a little Wordpress plugin to allow for comment submission verification based on a configurable "codeword". The plugin is called WordVerify, and it's available here.
I've only tested it for Wordpress 1.5, and it should be considered super duper mega quadruple beta. But, it works for me on two different Wordpress blogs.
The idea is that a lot of commentspam is driven by automation, naturally, and the introduction of a human element in submitting an extra bit of verification can help kill a lot of this spam. SecureImage is an example of a great plugin that uses ImageMagick to display an image with random letters that the commenter must verify. WordVerify provides a simpler alternative to this method, by just requiring the entry of a single word. This provides a healthy compromise for smaller blogs that don't necessarily need the security of a dynamic image. The chances of any comment spammer bothering to screen-scrape my blog just to comment-spam it, much less OCR an image, are pretty low. For smaller blogs, the simple addition of a codeword is probably more than enough.
Further, WordVerify allows customization of the phrase in which the security word is presented in the form, decreasing the ability of spammers to scrape the word if the plugin gains widespread usage.
The installation is simple, as with all Wordpress plugins:
- Download wordverify.php.txt
- Rename wordverify.php.txt to wordverify.php
- Copy wordverify.php to your Wordpress plugins directory (wp-content/plugins).
- Go to Plugins and "activate" the plugin.
- You can now go to Options -> WordVerify to configure the security word and the phrase it's presented in.
Have fun! Any suggestions are welcome. Feel free to test out the plugin in the comments below. Testing is good.
Thanks to Random, whose implementation of this idea on his The Whole Truth podcast was the inspiration for this plugin.
Update: I have verified that this plugin appears to work fine with Wordpress 2.0
1/5/2006 UPDATE: There was a documentation error in the instructions that inadvertently instructed you to use "%%SECURITYWORD%%" rather than what the plugin uses for substitution, which is "%%CODEWORD%%". A new version (1.1) of the plugin has been posted that resolves this confusion.
1/8/2006 UPDATE: Released a new version, 1.2, that fixes a problem with comment counts. When codeword verification fails, the comment was deleted in a terrible (non-API) way, and hence the comment count was not being updated for the post. This has been fixed.
Testing this thing.
This plugins works in Wordpress 2.0?
:-)
As far as I know -- are you having trouble with it?
Off topic: what sort of plugin do you use for the threaded comments? It looks cool. Thanks.
I'm using Brian's threaded comments plugin.
.. and of btw, I have downloaded this wordverify plugin to my wp2.0 and it works great!
Glad to hear it!
This plugin is not working for me, i´m using WP 2.0...
What trouble are you having? Feel free to e-mail me details at cwage@quietlife.net.
nice plugin
Hi. I followed the instruction how to use it but still it's not working I got this %%SECURITYWORD%% instead of what I wrote as presentation. What shall I do? I am using Wordpress 2
This is because the code actually uses %%CODEWORD%%, not %%SECURITYWORD%% -- there was a mistake in the instructions which I have corrected.. If you re-download the plugin here, it should be fixed.
Hello Chris,
Sorry to bother you again. I downloaded your latest plugin version 1.2. The code shows on IE but not on Mozilla. Do you have any idea why?
uppps, i am so sorry. too dumb of me, i forgot i'm logged in :( that is the reason why i can't see it.
Yep, that'd do it! Glad to hear you got it working..
testing 123
Hy there, I get the following error when NOT typing the correct codeword:
Fatal error: Call to undefined function: wp_delete_comment() in /var/www/web183/html/wordpress/wp-content/plugins/verify.php on line 155
However, the comment is still postet although I've entered the wrong code.
When typing the correct codeword everything is fine...
Does anyone have an idea? Thanks in advance.
This may be due to something I assumed was in all versions of wordpress, butmaybe that's specific to WP 2.0.. I will look into it.
I'm currently using WP 1.5 :)
Hm, okay, then I guess that wp_delete_comment() function didn't exist in 1.5 -- I will have to figure out if there was equivalent functionality in 1.5 and add that back for older versions
For now, it probably won't work for 1.5
Okay, this problem should be resolved. The new version of WordVerify (1.3) checks for versions of Wordpress older than 2.0 and uses a different method to delete the comment.. I can't say for sure if this will work with versions older than 1.5.x because I am not sure how things were done back then, but it should at least work for 1.5.x as well as 2.x
Thanks a lot, Chris! Installed, tested and... taadaa: it works!
Urm Chris, I've just wondered if it's possible randomize the codewords, so that there is always a different word instead of a static on.
Not currently, though I am considering this for the next version.. I figure it would be nice to set multiple codewords and multiple phrases, and then randomize them both.
[...] Dank dem lieben Herrn Hith läuft mein Blog endlich wieder. Und die Kommentare auch. Habe mich jetzt für ein anderes PlugIn [WordVerify] entschieden, das hoffentlich den gleichen Dienst tut, aber einfacher zu installieren ist. Zur Sicherheit hab ich mir diesmal ein Backup gemacht. Vom Blog. Kann nicht mehr viel kaputtgehen, denke ich. Also, Ihr dürft alle wieder fleissig mitreden! Bis bald, Chikatze [...]
I just started using this plugin, it is good, however I am still getting slammed by spam. I began searching for something like this because the spam was forcing my traffic numbers above my quota for the month!!! Thanks for the plugin I am so hoping it helps a little!!
Nevermind my last comment, today I had 0 spam...I am in awe!!1 Thanks again (I am using 2.0 as well so it totally works!!!)
Hi Chris, I love your WordVerify plugin! I only have the problem that the IE shows it w-e-i-r-d, not in the comment form area, where I can see it with Firefox, no, it is in my lower sidebar. I cannot see anything in my sidebar.php file though. Can you help me get it working also in IE? It causes that people comment, but they didn't see the WF field (of course not), so their comments aren't published :sad:
teste@amaisoumenos.com.br
works on WP 2.0!
bvvb
It doesn't work on my site - no error, but the comments are nowhere :(
test