post-page

APAD: Simple Spam Filter

26
responses

Plugin
Simple Spam Filter

Description
Simple Spam Filter uses three methods to check the incoming comments for spam and rejects those that fit this criteria

Review
Simple Spam Filter is just as its name describes it, simple.

It blocks spam based on three criteria.

  • Contains 5 or more links to external sites
  • Contains [url=http://www.example.com]example[/url] style links (my blog does not support bbcode style links)
  • Contains a word that matches a short list of common spam words

I installed it yesterday because though I am running Akismet for now on my blog, I still get hundreds of comment in the spam bin. And getting legitimate comments out of it can be quite a pain.

I had come across the plugin when it was released itself, but decided to actually check the need for it and so observed Akismet queue for the type of comments and found that most of the comments fit the criteria above.

On installation, in the past 24 hours, I’ve had over 430 comments blocked and just one spam comment in the Akismet bin.

Needless to say the plugin is doing its job well.

Just one doubt is to know what exactly is getting blocked. Again, it is really rare than any legitimate visitor will break one of the three conditions above.

What I would like to see is the ability to customize the number of links beyond which comments are blocked.
Another good feature would be the ability to add words from within wp-admin itself and not by editing the files (I believe the author has this in mind).

Needless to say, this is one plugin that’s going onto most of my blogs.

heading
heading
26
Responses

 

Comments

  1. Ben (1 comments.) says:

    I found out about, and installed, simple spam filter this morning. I really like the simplicity and it appears to work really well. I get the impression that the developer intends to continue working on it as well, so I will be interested to see what is added. I really hope he sticks with the simplicity and doesn’t over complicate things.

  2. Dave (5 comments.) says:

    Great review. If it’s good enough for you, it’s good enough for me! I shall install it tonight (applause).

  3. Rasmus (10 comments.) says:

    It sounds like a plugin that could be interesting. I just don’t like that there is no possibility to review the comments that are blocked. I would hate having a real comment discarded automatically without me being able to allow it in the end.

  4. Truden (17 comments.) says:

    What about simple SPAM like:
    “I have some good and attractive stuff for you.
    Visit my web site.”

    No links, no brackets, no spam words.
    Just the link in my username.

  5. LcF (19 comments.) says:

    the 3 simple rules are good enough to block most comment spams and give a cleaner Akismet bin, which make checking Akismet false positive recovery easier. my 2 cents.

  6. Truden (17 comments.) says:

    LcF, you don’t need plugin for that.
    It comes standard in WordPress.
    Check your admin panel, my friend :)

  7. LcF (1 comments.) says:

    Truden, what we have on the admin panel is “Hold the comments in the moderation queue”. With Akismet installed, the spam comments will be keep in Akismet bin. The spam comments are not Deleted. Am I correct, my friend :)

  8. Truden (17 comments.) says:

    Go in your Admin panel – Options – Discussion

    For the number of links you have “Comment Moderation”
    For the brackets and spam words you have “Comment Blacklist”

    You can put [url= to filter the bbcode.

  9. Truden (17 comments.) says:

    BTHW, LcF, Akismet stops spam with more than 5 links with no problem.
    If you want to help Akismet you better use the “Comment Blacklist”

  10. Ajay (209 comments.) says:

    @Truden, you are right about using the Comment Blacklist to filter out all the spam. However, Simple Spam Filter adds that additional five links feature that gives Akismet a cleaner bin.
    It’s not about Akismet or SK2 not catching the spam, it’s about feeding it lesser spam so you can filter out false positives (if any) easily.

  11. Truden (17 comments.) says:

    @Ajay, I understand your point, but there is no false positives in the “five link spam”.
    It just gives you the feeling for cleaner blog, not seeing full spam bin :D
    One click to clean the bin takes less resources than one plugin ;)

  12. Ajay (209 comments.) says:

    Agreed , hehe

  13. Flash Buddy (1 comments.) says:

    This is a tantan plubin where it dumps into a folder named tantan in your plugins folder. If you have other tantan plugins (Flickr Photo Album) the folder will already be there. If this is your first then expanding the archive will create it for you.

    What I don’t like about http://tantannoodles.com plugins is after time goes by I can’t remember what that tantan folder is all about. Other plugin folder or files give you a hint, theme-switcher.php & sexycomments for instance.

    What I like about Joe Tan and his plugins is they check themselves for updates via wp-admin.

  14. mypapit (3 comments.) says:

    I rather use Spam Karma 2 in this case, Akismet proves to be ineffective when it holds a damn lot more spams in moderation.

  15. Ozh (88 comments.) says:

    I dont get the point of this plugin ?? All it does is already here in the Options / Discussion page : more than 5 links, contains “[url=" and/or "[/url]” (and, to be sure, “[URL=" and "[/URL"]).

  16. mypapit (3 comments.) says:

    yeah sounds a bit redundant to me. Maybe it is effective for free Akismet anti-spam plugin users. afaik SK2 takes care most of the spam without needing me to clean up the rest of the mess

  17. Joe (3 comments.) says:

    yup, I’m working on adding an options panel to allow people to change the various settings :)

    Just a note, the difference between the plugin and WordPress’ builtin “Options -> Discussion” comment settings is that those WP options still saves spam comments into your spam / moderation queue (thus checking for false positives is a pain), whereas this plugin rejects spams with an error message and thus would never make it into any queue.

    Regarding false positives, the error message clearly outlines why the comment was rejected, so a real person could go back and modify their comment around that error. A spambot is probably not so intelligent (yet).

    In anycase, this plugin isn’t ment to stop all spam… but ment to be a prefilter and used in conjunction with other plugins like akismet or SK2.

  18. mypapit (3 comments.) says:

    thanks for the explanation, its clear to me now

  19. Truden (17 comments.) says:

    I’m posting this second time, because in the first post used spam words in the code, and I’m sure the comment got deleted automatically.

    What I want to say is:

    ( Firstly, excuse my ignorance. I’m just a carpenter :D )

    Isn’t it easier to put some checking code in wp-comments-post.php and stop the spam without using few anti-spam plugins?

    I found this in the Internet, and I think that it does good job in stopping automated spam:

    if(!isset($_SERVER['HTTP_USER_AGENT'])){
    die("Forbidden - This page is for normal browsers only");
    exit;
    }
    if(!$_SERVER['REQUEST_METHOD'] == "POST"){
    wp_die("Forbidden - You can post from my form only!");
    exit;
    }
    // Host names from where the form is authorized
    // to be posted from:
    $authHosts = array("mnogo.truden.com");
    // Where have we been posted from?
    $fromArray = parse_url(strtolower($_SERVER['HTTP_REFERER']));
    // Test to see if the $fromArray used www to get here.
    $wwwUsed = strpos($fromArray['host'], "www.");
    // Make sure the form was posted from an approved host name.
    if(!in_array(($wwwUsed === false ? $fromArray['host'] : substr(stristr($fromArray['host'], '.'), 1)), $authHosts)){
    wp_die("Forbidden - No, No, No!");
    exit;
    }
    // Attempt to defend against header injections:
    $badStrings = array(
    "spamword1",
    "spamword2",
    "spamword3");
    // Loop through each POST'ed value and test if it contains
    // one of the $badStrings:
    foreach($_POST as $k => $v){
    foreach($badStrings as $v2){
    if(strpos($v, $v2) !== false){
    wp_die("Forbidden - You have used BAD SPAM words! Clean your language and come back again.");
    exit;
    }
    }
    }
    // free up used memory
    unset($k, $v, $v2, $badStrings, $authHosts, $fromArray, $badStrings);

  20. Truden (17 comments.) says:

    There is small none fatal error in the code that I posted above.
    Last line, last variable is not $badStrings, but $wwwUsed
    Just in case someone wants to try it ;)

  21. azrin (4 comments.) says:

    Renaming yr comments.php makes things far easier to manage and deter spam.

    azrin @ http://www.azrin.net

  22. Truden (17 comments.) says:

    Renaming yr comments.php makes things far easier to manage and deter spam.

    That trick is older than me (I’m fifty :D )
    Doesn’t work with clever spammers.

    The tricks are countless.
    I made website where anonymous can post articles and comments.
    The site is without spam protection, but did not get one single spam article or comment.

    We are talking here about standard GPL product used by hundred of thousands weblogs.

    BTHW, I’m using 6KB of code to protect my weblog from SPAM.
    That is EASY ;)

  23. John Black says:

    What I like about this plugin is its simplicity. Being able to change the number of links would be great. Also, some intructions about how to enter urls would be helpful. I tried Spam Karma 2, but uninstalled it because it doesn’t allow me to moderate some regular contributors whose comments I like post only on a selective basis.



Trackbacks/Pingbacks

  1. [...] doing some theme tweaks this morning, I started to check through some things and noticed the APAD: Simple Spam Filter on the WordPress dashboard. Curious as always, I visited the plugin site for Simple Spam Filter for [...]

  2. [...] 除了使用 Akismet 这个防垃圾留言的插件之外,这个是一个不错的补充?翻译自:Weblog Tools Collection 的 APAD: Simple Spam Filter [...]

Obviously Powered by WordPress. © 2003-2013

page counter
css.php