10/21/2004 ↓

Updated Three Strikes Spam Protection Plugin Version 1.1 Beta

Author: Mark Ghosh Category: WordPress Hack

Thanks for visiting! We would like to serve you better. Please subscribe to our RSS feed for daily updates. This blog posts regular Wordpress news, updates of themes, plugins, ideas, hacks, quick fixes and everything about blogging, especially about Wordpress. You can also receive updates from this blog via email if you want that method of notification.

An updated version of the Three Strikes Spam Plugin, now in version 1.1 Beta, is available for download.

I started to receive a few Spam comments yesterday and I realized that the built in WordPress “Common Spam Words” filter does not account for encoded information. In other words, if a spammer encodes the contents of the comment, URL etc, it does not get caught as spam (though some items will get caught). This new version of the plugin uses a function that acts like the Javascript unescape command (in PHP) and decodes encoded entities. The php function, and consequently, the Three Strikes plugin, will check for Unicode and ASCII characters, convert them to plain letters and characters (unencoded) and then run the spam checker on this information. I will be working on implementing this within Kitten’s Spam Words plugin as well.

Download the new plugin from here. Installation and upgrade are as simple as renaming this file as threestrikes.php, copying it to your wp-content/plugins directory and then enabling it within your admin interface. Please post bugs/suggestions.

[EDIT] The offer to share my personal “Common Spam Words” still stands. I have enough words in there to populate Google. :) Email me with requests if you want to use that.

[EDIT] If you want my list of spam words, please include a link to your blog with the request so I know that you are not a spammer.

[EDIT] Now with Trackback checking built in. To update, just download the plugin again and re-upload to your blog.

1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
Loading ... Loading ...

Visitors who read this post, also read:

    Friends

    Translate

    Translate to German Translate to Spanish Translate to French Translate to Italian Translate to Portuguese Translate to Japanese Translate to Korean Translate to Russian Translate to Chinese

    Latest Videos

    Latest WordPress Jobs

    52 Comments | Leave a comment | Comments RSS

    1. Why not count the encoding itself as a spam indicator? There’s no reason for normal commentors to encode characters.

      [Reply] Michael Moncur (10 comments.) — 10/22/2004 @ 12:57 am

    2. Great plugin!! I think Michael M. is right with his comment ;-)

      [Reply] Edlef (3 comments.) — 10/22/2004 @ 12:46 pm

    3. That makes sense Michael. However, I think it would be the preference of the blog owner. On this blog, your observation makes sense. I do not know how it would be different for anyone else, but someone MIGHT be encoding for some reason. :)
      I should make it a choice. I wish I could come up with an acceptable way of configuring plugins from the admin interface.

      [Reply] Mark (34 comments.) — 10/22/2004 @ 2:31 pm

    4. [...] ed up with a problem in my list of spam words that was triggering a false positive for the Three Strikes Spam Plugin for [...]

      Team Murder » Hello. My Name Is Fucking Idiot. — 10/26/2004 @ 6:16 am

    5. Plugin fun
      Blog, blah, blah, plugin, blah, spam.

      synapse — 10/26/2004 @ 8:15 am

    6. [...] omments will automatically be held for moderation. The second plugin is Mark Ghosh’s Three Strikes Spam Protection. [...]

      MtDewVirus » WordPress Comment SPAM Plugins — 10/29/2004 @ 12:48 pm

    7. There is a definite problem with this plugin. I downloaded it yesterday and activated it. There was no problems until I was receiving emails that people were not able to post comments on my website. It seemed that it changed the link of the “Say It” where you submit the comment (like your “Post” button below) so that it goes to http://www.fbi.gov website.

      The minute I deactivated the plugin, people were able to post comments again. Please let me know how this is able to be fixed and if anybody else had this problem.

      [Reply] Poonam (10 comments.) — 10/30/2004 @ 3:13 pm

    8. Please make sure that there are no lingering spaces or blank new lines within your common spam words inside the wp admin interface.

      [Reply] Mark — 11/1/2004 @ 9:02 am

    9. is this found in the threestrikes.php plugin itself? What file should I check?

      Spam is getting worse and worse..argh..

      [Reply] Poonam (10 comments.) — 11/1/2004 @ 5:58 pm

    10. Look under your wp-admin interface, under options->discussion->common spam words

      [Reply] Mark — 11/1/2004 @ 6:04 pm

    11. Found it. Thanks. :)

      [Reply] Poonam (10 comments.) — 11/1/2004 @ 6:26 pm

    12. I would like your spam words Mark.

      http://www.neerajpoonam.com/wp is my blog. :smile:

      [Reply] Poonam (10 comments.) — 11/1/2004 @ 6:30 pm

    13. [...] Hopefully, these will prevent some spam from ever reaching me. Specifically, I installed Laughing Lizard’s Three Stri [...]

      Elwing's Weblog » Wordpress Spam — 11/2/2004 @ 9:10 pm

    14. [...] 17;m going to need some automated help in spam prevention. Hence I have just installed the Three Strikes plugin for WordP [...]

      The Research Kitchen weblog » Blog Spam — 11/11/2004 @ 12:16 am

    15. I have set up yuour plugin, but when I try to login I get the following message.
      Warning: Cannot modify header information - headers already sent by (output started at /home/sites/kendixon.net/public_html/findias/wp-content/plugins/threestrikes.php:145) in /home/sites/kendixon.net/public_html/findias/wp-login.php on line 257

      Warning: Cannot modify header information - headers already sent by (output started at /home/sites/kendixon.net/public_html/findias/wp-content/plugins/threestrikes.php:145) in /home/sites/kendixon.net/public_html/findias/wp-login.php on line 258

      Warning: Cannot modify header information - headers already sent by (output started at /home/sites/kendixon.net/public_html/findias/wp-content/plugins/threestrikes.php:145) in /home/sites/kendixon.net/public_html/findias/wp-login.php on line 259

      Warning: Cannot modify header information - headers already sent by (output started at /home/sites/kendixon.net/public_html/findias/wp-content/plugins/threestrikes.php:145) in /home/sites/kendixon.net/public_html/findias/wp-login.php on line 260

      Warning: Cannot modify header information - headers already sent by (output started at /home/sites/kendixon.net/public_html/findias/wp-content/plugins/threestrikes.php:145) in /home/sites/kendixon.net/public_html/findias/wp-login.php on line 261

      What have I done wrong

      Ken

      [Reply] Ken Dixon (3 comments.) — 11/15/2004 @ 9:31 am

    16. Try and install the plugin again, Sounds like you have a space somewhere. (especially at the end of the file, after ?%gt;

      [Reply] Mark — 11/15/2004 @ 11:17 am

    17. Thanks works now

      Ken

      [Reply] Ken Dixon (3 comments.) — 11/15/2004 @ 2:36 pm

    18. I have installed ‘three strikes’ and it works no more spam from the pokerman.
      Thanks

      Ken

      [Reply] Ken Dixon (3 comments.) — 11/16/2004 @ 5:38 am

    19. [...] e on time. It’s a fun anthem. I can now transport minors, legally. And hopefully this will get rid of the comme [...]

      unnoticed.org » we all got rides, ‘cause no one had their license — 11/19/2004 @ 1:01 am

    20. [...] Allen, the author of MT-Blacklist Laughing Lizard who ported MT-Blacklist to WP and whose 3 Strikes plugin was problably [...]

      Dr Dave's Blog » Introducing Spam Karma — 11/19/2004 @ 5:10 am

    21. I’ve been having some problems with these spam plugins. After installing three strikes, the wp-login.php page gave me this error:

      Warning: Cannot modify header information - headers already sent by (output started at /home/moero/www/www/blog/wp-content/plugins/threestrikes.php:2) in /home/moero/www/www/blog/wp-admin/index.php on line 13

      If anybody could give me a hand here, that would be great. Thank you!!

      [Reply] Alex — 11/26/2004 @ 1:24 pm

    22. Make sure there is no space between the beginning of the plugin and the first angle bracket.

      [Reply] Mark — 11/26/2004 @ 10:40 pm

    23. [...] ugins that I have installed to stop that spammer in his tracks! Laughing Lizard’s - ThreeStrikesSPAM v1.1beta Laug [...]

      The Life of Me » Blog Archive » Comment spam! — 12/1/2004 @ 2:49 am

    24. I’ve noticed an issue with comments that contain single quotes and double quotes…they get escaped with an extra slash if ThreeStrikesSpam is activated. It seems that add_magic_quotes is being called twice on $_POST: once in 3SS, and again in wp-comments-post.php in my WP 1.2 install. Has anyone else had a similar experience?

      [Reply] Dave Seah (1 comments.) — 12/4/2004 @ 1:35 am

    25. If that happens, you can take out these lines:
      if ($_POST['comment'] && !is_array($_POST['comment'])) {
      //Make sure the information received is parsed, cleaned and stripped correctly (from WP codebase)
      if (!get_magic_quotes_gpc()) {
      $_POST = add_magic_quotes($_POST);
      $_COOKIE = add_magic_quotes($_COOKIE);
      }

      [Reply] Mark — 12/4/2004 @ 8:32 am

    26. hope this works!! thanks….

      [Reply] grubgirl (1 comments.) — 12/9/2004 @ 3:36 pm

    27. Cheap Meat
      I’ve just checked my mail after a couple of days away from the computer and was greeted by over one hundred new blog comments notifications and around four hundred ‘please check this comment’ messages. All of it spam. This resulted in something like…

      SasBlog — 01/3/2005 @ 8:58 am

    28. I’m using WP 1.2. I do not have a section wp-content. Was it supposed to be automatically installed or do I just need to create it myself along with a plugins subdir? Thank you.

      [Reply] Andrea — 01/3/2005 @ 12:10 pm

    29. [...] ount and a lot of time spent deleting. To stop it happening again I’ve installed the Three Strikes Spam Prote [...]

      SasBlog » Cheap Meat — 01/3/2005 @ 12:58 pm

    30. NM. I went ahead and created the wp-content and installed plugin as advised. It’s working perfectly. Thanks for posting this. It’s going to make my life a lot easier.

      [Reply] Andrea — 01/3/2005 @ 2:15 pm

    31. [...] ppy day Ok I’m not going to password protect this after all. I found a very cool plugin that seems to be doin [...]

      Dailyjottings.com » Oh happy day — 01/3/2005 @ 6:23 pm

    32. [...] ore comments come through. Ugh. So I broke down, and uploaded a spam-blocker plugin called “Three Strikes Spam Protecti [...]

      Daria Unplugged » Blog Archive » Spam flood. — 01/5/2005 @ 6:27 pm

    33. [...] word list Kitten’s spaminator - basically is the like having the spammer tar pit and three strikes plugins installed [...]

      Purple Lilacs » — 01/7/2005 @ 1:36 pm

    34. [...] omment that entered my moderation queue. The next solution I chose was Mark Ghosh’s ThreeStrikes plugin which dele [...]

      Too busy to... » Anti-Comment-Spam and Other WordPress Plugins — 01/8/2005 @ 6:27 pm

    35. Looks like the CVS has code for treating encoded low ASCII as spam indicator:

      http://wordpress.org/pipermail.....00865.html

      [Reply] a-giau (1 comments.) — 01/16/2005 @ 9:03 am

    36. Can I get your spam words please?

      [Reply] shannon (1 comments.) — 01/19/2005 @ 9:29 pm
    37. [Reply] Mark — 01/19/2005 @ 10:22 pm

    38. Umm… I am having a problem. The plugin used to work fine. But when I tested it out just now, I keep getting errors such as the following instead of getting redirected to the FBI site.

      Warning: Unknown modifier ‘C’ in /home/little/public_html/wp-content/plugins/threestrikes.php on line 110
      Warning: Unknown modifier ‘C’ in /home/little/public_html/wp-content/plugins/threestrikes.php on line 111
      Warning: Unknown modifier ‘C’ in /home/little/public_html/wp-content/plugins/threestrikes.php on line 112
      Warning: Unknown modifier ‘C’ in /home/little/public_html/wp-content/plugins/threestrikes.php on line 113Warning: Unknown modifier ‘H’ in /home/little/public_html/wp-content/plugins/threestrikes.php on line 110
      Warning: Unknown modifier ‘H’ in /home/little/public_html/wp-content/plugins/threestrikes.php on line 111
      Warning: Unknown modifier ‘H’ in /home/little/public_html/wp-content/plugins/threestrikes.php on line 112
      Warning: Unknown modifier ‘H’ in /home/little/public_html/wp-content/plugins/threestrikes.php on line 113

      I have deactivated the plugin, downloaded a new copy, uploaded it, and reactivated it again. But still no avail. :(

      [Reply] Brenda — 02/4/2005 @ 2:39 pm

    39. Hi,
      I’m brand new to plugins, so sorry for the uninformed question, but when you say “enable it within your admin interface”, do you mean setting the permissions? If so, what should they be? If not, what does it mean?
      Thanks for making your work available like this,
      Amy

      [Reply] amy (2 comments.) — 02/6/2005 @ 9:30 am

    40. Thats no problem Amy. It means to go to the admin of your blog, click on plugins and Activate the plugin in question. (click on the activate button on the right)

      [Reply] Mark — 02/6/2005 @ 9:42 am

    41. Thanks!
      I can’t believe it. No more online poker. Thank you thank you.

      [Reply] amy (2 comments.) — 02/8/2005 @ 6:36 am

    42. Removing these lines only made my blog disappear, as in a white screen appeared instead.

      [Reply] Nulla Salus — 02/12/2005 @ 6:57 pm

    43. I’ve upgraded my threestrikes plugin to threestrikes12.php and it works great to catch the bad stuff, for what it’s worth, so did the previous one.

      But just like with the original threestrikes I still have the problem of backslashes showing up in comments before apostrophes and quote marks. I saw the post above and looked for that code supplied to delete it but do not find it in the plugin’s code.

      Any other place to look or something else to try? Thanks!

      [Reply] OkieBoy (3 comments.) — 02/18/2005 @ 4:00 pm

    44. OK, found a quick-easy fix for the backslash problem at http://bish.lechoso.com/category/web-dev/

      It’s a one line addition to the vars.php file in the wp-includes directory that adds a filter to remove them.

      Add this line:

      add_filter(’comment_text’, ’stripslashes’);

      below the rest of the filters. Works fine!

      [Reply] OkieBoy (3 comments.) — 02/18/2005 @ 4:21 pm

    45. Warning: Division by zero in /usr/home/zero/domains/obscurethoughts.net/public_html/wp-content/plugins/bayes/class.naivebayesian.php on line 80

      Warning: Cannot modify header information - headers already sent by (output started at /usr/home/zero/domains/obscurethoughts.net/public_html/wp-content/plugins/bayes/class.naivebayesian.php:80) in /usr/home/zero/domains/obscurethoughts.net/public_html/wp-comments-post.php on line 44

      Warning: Cannot modify header information - headers already sent by (output started at /usr/home/zero/domains/obscurethoughts.net/public_html/wp-content/plugins/bayes/class.naivebayesian.php:80) in /usr/home/zero/domains/obscurethoughts.net/public_html/wp-comments-post.php on line 45

      Warning: Cannot modify header information - headers already sent by (output started at /usr/home/zero/domains/obscurethoughts.net/public_html/wp-content/plugins/bayes/class.naivebayesian.php:80) in /usr/home/zero/domains/obscurethoughts.net/public_html/wp-comments-post.php on line 46

      Warning: Cannot modify header information - headers already sent by (output started at /usr/home/zero/domains/obscurethoughts.net/public_html/wp-content/plugins/bayes/class.naivebayesian.php:80) in /usr/home/zero/domains/obscurethoughts.net/public_html/wp-comments-post.php on line 48

      Warning: Cannot modify header information - headers already sent by (output started at /usr/home/zero/domains/obscurethoughts.net/public_html/wp-content/plugins/bayes/class.naivebayesian.php:80) in /usr/home/zero/domains/obscurethoughts.net/public_html/wp-comments-post.php on line 49

      Warning: Cannot modify header information - headers already sent by (output started at /usr/home/zero/domains/obscurethoughts.net/public_html/wp-content/plugins/bayes/class.naivebayesian.php:80) in /usr/home/zero/domains/obscurethoughts.net/public_html/wp-comments-post.php on line 50

      Warning: Cannot modify header information - headers already sent by (output started at /usr/home/zero/domains/obscurethoughts.net/public_html/wp-content/plugins/bayes/class.naivebayesian.php:80) in /usr/home/zero/domains/obscurethoughts.net/public_html/wp-comments-post.php on line 51

      Warning: Cannot modify header information - headers already sent by (output started at /usr/home/zero/domains/obscurethoughts.net/public_html/wp-content/plugins/bayes/class.naivebayesian.php:80) in /usr/home/zero/domains/obscurethoughts.net/public_html/wp-comments-post.php on line 55

      ??? :(

      [Reply] Travis — 02/20/2005 @ 4:08 pm

    46. Please try the new version from here:
      http://weblogtoolscollection.c.....n-updated/

      [Reply] Mark — 02/20/2005 @ 4:19 pm

    47. [...] ted comment links to 1 (ie just your URL) before being moderated. I have also implemented this quite effective spam filt [...]

      trash talk with tealou » Bluddy Hell… — 02/22/2005 @ 11:08 pm

    48. [...] ybe we could forward the crap directly to them somehow. (Much of mine is getting nailed by three strikes, but I bet the k [...]

      epigraph » reporting comment spam: a fantasy of mine — 02/27/2005 @ 8:28 am

    49. [...] het schrijven van een commentaar worden doorgestuurd naar fbi.gov. Dat is de schuld van de Three-strikes anti commentaar spam [...]

      Aarhus live weblog » Dienstmededeling — 03/10/2005 @ 5:08 am

    50. [...] rbebotschaft, die prinzipiell als solche identifizierbar ist), hab ich jetzt also noch das three strikes spam protection plug [...]

      highlyoverrated.info - do you need more? — 03/15/2005 @ 4:56 pm

    51. ffsdsdf

      [Reply] gfd (1 comments.) — 11/20/2005 @ 5:13 am

    52. [...] …das bei Einträgen ohne schon vorhandene Kommentare nicht tut (und ich hab keine Zeit zu suchen), also probiere ich mal dieses hier… [...]

      sagichdoch? » Spammer wieder — 11/27/2006 @ 8:31 am

    Leave a comment

    Line and paragraph breaks automatic, e-mail address never displayed, HTML allowed: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

    (required)

    (required, will not be published)


    S2