I have hacked up a little WordPress plugin to allow for comment submission verification based on a configurable "codeword". The plugin is called WordVerify, and it's available here.
It should work fine with WordPress 2.0 as well as 1.5.x. It has not been tested for versions of WordPress older than 1.5, so it may not work for those.
The idea is that a lot of commentspam is driven by automation, naturally, and the introduction of a human element in submitting an extra bit of verification can help kill a lot of this spam. SecureImage is an example of a great plugin that uses ImageMagick to display an image with random letters that the commenter must verify. WordVerify provides a simpler alternative to this method, by just requiring the entry of a single word. This provides a healthy compromise for smaller blogs that don't necessarily need the security of a dynamic image. The chances of any comment spammer bothering to screen-scrape my blog just to comment-spam it, much less OCR an image, are pretty low. For smaller blogs, the simple addition of a codeword is probably more than enough.
Further, WordVerify allows customization of the phrase in which the security word is presented in the form, decreasing the ability of spammers to scrape the word if the plugin gains widespread usage.
The installation is simple, as with all WordPress plugins:
- Download wordverify.php.txt
- Rename wordverify.php.txt to wordverify.php
- Copy wordverify.php to your WordPress plugins directory (wp-content/plugins).
- Go to Plugins and "activate" the plugin.
- You can now go to Options -> WordVerify to configure the security word and the phrase it's presented in.
Have fun! Any suggestions are welcome. Feel free to test out the plugin in the comments below. Testing is good.
Thanks to Random, whose implementation of this idea on his The Whole Truth podcast was the inspiration for this plugin.