DVD Guide Blog

I just installed WordPress before going to bed earlier this morning then I awoke several hours later to be greeted by nearly fifty comment notification e-mails—all for spam comments about gambling sites—and more of them arrived while I was sorting through them for anything real, so I temporarily reposted the old page and started looking for an image-based system to prevent WordPress comment spam without stifling legitimate comments.

I found a plug-in that may do the trick, but I am not crazy about how it seems to rely upon PHP sessions* to store its temporary information, so I will have to keep looking and considering my options for now. In the meantime, since comment spam keeps showing up (even with times from several hours before their associated posts and no notification messages), I have added “casino”, “gambling”, and “poker” as keywords to trigger comment moderation, so my e-mail inbox may still be filled with notifications, but at least it should be more difficult for new ones to show up on the site.

Update: I just deleted 68 spam comments (one individually, three pages of twenty, then a page of seven more), but I received only 57 corresponding e-mail notifications, so it looks like WordPress let eleven comments through (possibly all associated with nonexistent posts) without notifying me.

* PHP sessions work by either embedding session information into URLs, which is both ugly and short-sighted (a threat to security, system resources, and even search engine operations), or by using cookies, which I am not crazy about requiring for unregistered commenters.

This entry was posted on Friday, December 3rd, 2004 at 2:35 pm and is filed under WordPress. You can follow any responses to this entry through the RSS 2.0 feed. Both comments and pings are currently closed.