Improve Spam protection #1

New Issue

Closed

opened 2023-01-21 08:36:35 +08:00 by Tetrakern · 1 comment

Tetrakern commented 2023-01-21 08:36:35 +08:00 (Migrated from github.com)

Copy Link

Currently, the spam protection is extremely simple (although surprisingly effective). Just a combination of limiting the number of links (can be set) and a client-side generated field (if enabled). Any bot not running JavaScript, which is the vast majority, automatically fails here. However, the field is static and could easily be fooled by more sophisticated spammers.

Anti-spam plugins should still work, so perhaps going crazy here is not necessary.

Possible Enhancements:

• Randomized field value that must match (requires a session)
• Hashcash (make spamming expensive)
• Additional honeypots

Resources:

• Partial: _comments_controller.php
• Option: fictioneer_require_js_to_comment
• Action: fictioneer_preprocess_comment

Currently, the spam protection is extremely simple (although surprisingly effective). Just a combination of limiting the number of links (can be set) and a [client-side generated field](https://davidwalsh.name/wordpress-comment-spam) (if enabled). Any bot not running JavaScript, which is the vast majority, automatically fails here. However, the field is static and could easily be fooled by more sophisticated spammers. Anti-spam plugins should still work, so perhaps going crazy here is not necessary. **Possible Enhancements:** * Randomized field value that must match (requires a session) * [Hashcash](http://www.hashcash.org/) (make spamming expensive) * Additional honeypots **Resources:** * Partial: [_comments_controller.php](https://github.com/Tetrakern/fictioneer/blob/main/includes/functions/comments/_comments_controller.php) * Option: `fictioneer_require_js_to_comment` * Action: `fictioneer_preprocess_comment`

Tetrakern commented 2024-05-11 22:05:12 +08:00 (Migrated from github.com)

Copy Link

Since there has not been any issue with spam yet that could not be dealt with, I'm closing this

Since there has not been any issue with spam yet that could not be dealt with, I'm closing this

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

No results found.

v5.27.1

v5.27.0

v5.26.1

v5.26.0

v5.25.0

v5.24.4

v5.24.3

v5.24.2

v5.24.1

v5.24.0

v5.23.0

v5.22.4

v5.22.3

v5.22.2

v5.22.1

v5.22.0

v5.21.1

v5.21.0

v5.20.4

v5.20.3

v5.20.2

v5.20.1

v5.20.0

v5.19.0

v5.18.3

v5.18.2

v5.18.1

v5.18.0

v5.17.2

v5.17.1

v5.17.0

v5.16.0

v5.15.2

v5.15.1

v5.15.0

v5.14.0

v5.13.0

v5.12.4

v5.12.3

v5.12.2

v5.12.1

v5.12.0

v5.11.0

v5.10.0

v5.9.3

v5.9.2

v5.9.1

v5.9.0

v5.8.7

v5.8.6

v5.8.5

v5.8.4

v5.8.3

v5.8.2

v5.8.1

v5.8.0

v5.7.7

v5.7.6

v5.7.5

v5.7.4

v5.7.3

v5.7.2

v5.7.1

v5.7.0

v5.6.2

v5.6.1

v5.6.0

v5.5.3

v5.5.2

v5.5.1

v5.5.0

v5.4.8

v5.4.7

v5.4.6

v5.4.5

v5.4.4

v5.4.3

v5.4.2

v5.4.1

v5.4.0

v5.3.2

v5.3.1

v5.3.0

v5.2.4

v5.2.3

v5.2.2

v5.2.1

v5.2.0

v5.1.2

v5.1.1

v5.1.0

v5.0.20

v5.0.19

v5.0.18

v5.0.17

v5.0.16

v5.0.15

v5.0.14

v5.0.13

v5.0.12

v5.0.11

v5.0.10

v5.0.9

v5.0.8

v5.0.7

v5.0.6

v5.0.5

v5.0.4

v5.0.3

v5.0.2

v5.0.1

v5.0.0

Labels

Clear labels

bug

Something isn't working

customization

Can be achieved with actions, filters, and some CSS.

documentation

Improvements or additions to documentation

duplicate

This issue or pull request already exists

enhancement

New feature or request

help wanted

Extra attention is needed

invalid

This doesn't seem right

question

Further information is requested

wontfix

This will not be worked on

No Label

enhancement

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: malhuda/fictioneer#1

No description provided.