The battle against SPAM continues, so I have another hurdle you can implement to help prevent bots from submitting comments and registering accounts. Although this tip is aimed at WordPress, the basic idea can be applied to any application.
Now it looks like this:
<script>document.write('<input name="submit" type="submit" id="<?php echo esc_attr( $args['id_submit'] ); ?>" value="<?php echo esc_attr( $args['label_submit'] ); ?>" />');</script>
<script>document.write('<p class="submit"><input type="submit" name="wp-submit" id="wp-submit" class="button-primary" value="<?php esc_attr_e('Register'); ?>" tabindex="100" /></p>');</script>
Core File! Since this tip is an adjustment to the WordPress core, you will need to adjust it after each update. Make a note of it with a link back here so you don’t forget.
Does It Work?
While it works as it’s intended, it unfortunately won’t stop all spammers, but it may stop a few.
Measures to prevent spammers, such as CAPTCHA, are actually rather successful in stopping bots, but human spammers are an increasing problem. If a legitimate person can do it, a human spammer can too.
During the five months that I required user registration, I got 200+ registrations, but zero comments from spammers or legitimate users. That was unacceptable because people generally dislike registrations and logging in to post a quick remark, so I was alienating legitimate users. As for the spammers, I was just moving them from comments to registrations.
So, it’s a constant battle. You want real comments, not SPAM comments, but you don’t want to put up so many hurdles to block spammers that you end up losing out on legitimate ones. Just food for thought as we all battle spammers, bot or human.
Posted in: Web Development