Protect WordPress from spam using the field substitution hack! Fighting spam in comments
Last week we started talking about spam on LiveJournal. In the last lesson on this topic, we talked about protecting against spam in comments, and that post ended with my promise to tell you what to do if a comment is not filtered out as spam.
The actions are the simplest. Which? Look for the answer under the cut.
Where did you see the spam comment?
- This someone else's blog. That is, this is someone else's magazine or community in which you are a participant or reader (not). In this case, you can complain to the magazine owner or the community owner/caretaker (a list of these can be found in the community profile). You will not be able to delete someone else's comment in someone else's magazine or community (even if it is spam).
- This your blog: that is, your personal journal or community in which you are listed as a caretaker (or even owner). In this case, all the cards are in your hands.
What to do about a spam comment on your blog?
It must, of course, be deleted, and deleted with a spam mark. There are several advantages to this particular distance:
- first, you ban this user, that is, he will no longer be able to comment on posts in your magazine or community
- secondly, you let LiveJournal staff know about this spam. This way you talk about ways to leave spam and actually help fight it more effectively.
Delete a comment as spam:
Comment has been deleted!
This means the following:
- all comments by this author on the post (not just the one you deleted) have been deleted;
- the author of the comment is blocked in your journal, that is, he will no longer be able to leave comments
- a spam complaint was automatically sent to LiveJournal administrators.
Is it possible to delete comments that just annoy you as spam?
Please don't do this. Please do not delete the following comments as spam:
- not related to the topic of your magazine, but not calling you to buy something or go to some site
Hello dear reader! Today we will talk about WordPress comments, about spam comments on blogs. I think you, like me, are already tired of constantly going to the “spam” folder and manually sorting through comments from automatic or, even worse, manual spam. Then look for a good, meaningful comment in this pile of rubbish, which was stuffed into the spam comments folder by mistake.
That's right, I'm terribly tired of this too. At first I installed many different antispam plugins to protect WordPress from spam. But as practice has shown, all these actions are ineffective. Therefore, one very interesting solution was invented, although it was not invented by me! I borrowed this method from some blog.
So, I decided to try it and implemented the hack on my blog. After three months, the flight was successful, not a single spam comment for three months. It’s hard to believe, of course, but it’s true. After the experiment, I came to the conclusion that my readers simply must know about protecting WordPress from spam comments using a useful hack - “field substitution”!
The essence of the method!
For manual spam, we will, as always, install a plugin Akismet. I think almost every blogger should have it. If it’s not worth it yet, then there is a lot of literature on the Internet about how to install it and how to activate it. This plugin will protect our blog from manual spam in comments. And the “field substitution” hack, in turn, will protect the blog from auto spam.
I think it’s worth noting two big advantages of this dance with a tambourine: first, we get rid of the constant problem of auto spam and second, we no longer have to edit the engine files after updating WordPress. True, as always, there is a minus, you will have to cheat two files in our topic, comments.php And style.css. But in my opinion, this minus is insignificant.
The essence of the method is approximately the following! If you are an advanced blogger, you should know that the standard comment field is named comment , so we will hide the real field and replace it with a new real-comment field.
For your readers and visitors, everything will remain as before, but now they will fill in the visible real-comment field. But spam scripts will fill in the standard comment field, which we will hide. They don’t understand that a person will not be able to fill out a text field that is not visible on the blog pages. This is where we will catch a spam comment, because such a comment will be identified by the filled invisible comment field.
In general, everything is as simple as two and two. A person fills out the visible real-comment field, and a spam script will fill out the standard comment field in the old fashioned way, but this time invisible. A filled invisible field will be a spam comment! :-) I think it's time to get down to business!
1. Comments via the “comment_form()” function
If you display comments using the comment_form() function (this function was introduced in WordPress 3.0 so that using a file functions.php, it was possible to completely replace the standard comment form). If your template uses exactly this function, then you need to open the file functions.php and add the following code there:
//Adding your own comment field add_filter("comment_form_defaults", "change_comment_form_defaults"); function change_comment_form_defaults($default) ( $commenter = wp_get_current_commenter(); $default["comment_notes_after"] .= "
"; return $default; ) //END adding your own comment field
Now we hide our standard field comment, via file "style.css":
Comment-form-comment (display: none;)
So, we've completed the first part of the hack. Now we have a real-comment field that the visitor can see and fill in, and a standard comment field that is hidden! In the next step, we need to determine which of these fields to skip and which to disable. If the visible field is filled, then we pass, and if the invisible field is filled, then we disable it. To do this, open the file functions.php and add the code there:
2. Comments not via the “comment_form()” function
If your comments are not displayed through the comment_form() function, like mine! In this case, open the file comments.php and find there the code that displays the field for entering a comment. Something similar to:
This code must be replaced with:
Now we need to hide the standard comment field. To do this, open your template's style file “style.css” and add the code there:
No-spam (position: absolute; left: -1000px;)
No-spam (display: none;)
Also in this method, do not forget to add the code in the file functions.php, to determine which of these fields to skip and which to disable.
//Check for spam add_filter("pre_comment_on_post", "verify_spam"); function verify_spam($commentdata) ( $spam_test_field = trim($_POST["comment"]); if(!empty($spam_test_field)) wp_die("No spam!"); $comment_content = trim($_POST["real- comment"]); $_POST["comment"] = $comment_content; return $commentdata; ) //END spam check
That's basically it! Now spam comments will no longer disturb you and your blog. If you doubt whether you did everything correctly, you can check how this hack works to protect WordPress from spam. To do this, you need to remove from the file style.css changes made, update the blog page, fill out each comment field and try to publish the comment!
All questions, wishes and comments, write in the comments to the article.
Any Internet user constantly encounters spam. Spam floods mailboxes: various commercial offers from unknown companies, information about allegedly won amounts, advertisements for various goods or services - the list goes on and on. This infection has also affected blogs: most of the comments on them are regular spam. If it is not cleaned, it can grow to gigantic proportions, which will certainly scare off readers. Who wants to read a blog that the creators don't follow?
Spam sent to an email address and spam posted in blog comments usually have different goals. If in the first case spammers want to arouse interest in some product or service, then in the second case spam is aimed more at search engines.
Spam in comments and search engines
Why would spammers promote their sites through your blog? Let's try to answer this question. A few years ago, Google introduced a new search technique called PageRank. Along with assessing the indexable content of a page, this technique also took into account the number of links on the page and their importance. Thanks to PageRank, Google is by far the best search engine in terms of the relevance of the results found. Since the search engine relies heavily on PageRank, people tend to artificially inflate it through links. All this is called in one word Google bombing.
Google bombing is a situation where a large number of web pages link to the original page with the same link text (anchor), which allows you to influence the ranking of the page in search results. Now let's go back to spammers. Let's say they have a website that sells an abstract remedy called "mydrug". Naturally, spammers want this site to rank at the top of search results for the query “mydrug.” To create the Google bomb effect, spammers leave comments on thousands of blogs with a link to their site. Spammers don't care whether you read the comment they leave (it's much better for them that you don't notice it at all, otherwise you'll immediately delete it), they care that the search engine takes that comment into account when indexing the page.
Fighting spam in comments
Comment moderation is a very effective step in dealing with unwanted comments. The best defense against spam is to carefully monitor comments. In the Comments section of the admin panel, you can see a list of recent comments on any posts, so you can quickly track spammer activity on your site. The faster you remove unnecessary comments, the less likely it is that spammers will return to your site again.
Hidden spam
Spammers are mastering more and more new spam techniques. Hidden spam may look like this: from the point of view of textual information, this is quite an ordinary comment; The reader's name or URI may be suspicious. The best way to find out if it's spam or not is to follow the link in the reader's URI. If the site looks suspicious, you can delete the comment completely or remove the URI from it.
Another way to spam is to use a div tag that contains hundreds of third-party links. This type of spam is becoming increasingly common because much of the software displays HTML tags directly, rather than HTML code. To avoid this, the software must strip the tags; in other words, filter HTML tags when adding a comment to the database.
Spam in WordPress
WordPress has built-in anti-spam tools, which means its users can deal with spam activity quickly and easily. To combat spam, I use the Akismet plugin, which allows me to deal with 99% of incoming spam. The remaining one percent can be easily cleaned by hand.
Hello, friends! Spam comments cause harm to the site, today we’ll talk about how to properly delete spam comments.
Deleting Comments in WordPress
When blogging, comments are inevitably written on articles that make the blogger happy. The more comments, the better the search engines evaluate the blog, the better it is promoted, the higher its rating.
But not only comments are written by living people, a lot of various garbage is sent in the form of so-called spam comments to the site, and the number of such comments sometimes reaches impressive sizes.
I haven’t said anything new here, everyone knows about it. At the same time, when working with comments, many beginners make mistakes, which I wanted to warn them about in this short article.
So, to combat spam comments, various plugins are installed; Akismet for WordPress is installed on my blog, which has been serving faithfully for a year and a half now. There is an article ““ written about installing and configuring the plugin, you can look at it.
The plugin works great and spam comments practically do not end up on blog pages. However, there are times when normal comments end up in spam. And, if you stupidly clean your blog of spam, then normal comments are inevitably lost, and it’s a pity for them.
Now you need to quickly look through the spam comments. If you hover over the comment link, an image of the site (blue arrow, screenshot 1) from which it was sent is shown. In a couple of seconds you will understand that this is some kind of left-handed advertising.
It happens that foreigners post comments, these comments are in English (as a rule) - why not answer it? To read an English-language comment, we easily translate it in any translator (for example, Google Translator), and we finally understand that the comment is real and can be answered. You can answer in Russian, or in English.
If you decide to respond, then you must first hover over the desired comment with the mouse, the “Not spam” message will be activated (see screenshot),
which you need to click on. A new window opens, here we click “Pending”, now when we hover over a comment, the “Approve” button appears,
After this, the comment appears on the blog under the article. You can give a reply comment.
We mercilessly delete other spam comments. The fact is that they load the site’s database and when there are a lot of them, this even affects the time it opens. The website (blog) database also needs to be cleaned periodically. You can see how to do this in the articles “” and ““. This work can be completed by any beginner.
Apart from clogging the database and confusing search robots, these links do nothing. They also need to be cleaned constantly. They are easy to recognize (see screenshot),
And you also need to keep in mind that the more comments you have on your blog, the more duplicate pages there will be, and this is severely punished by Google and the blog begins to lose positions and visitors. Duplicates need to be removed. How to find out how many duplicates you have on your blog was written in the previous one, if you want to find out, then at the end of the previous article, start the video. Sometimes the number of takes can be several thousand.
Best regards, Ivan Kunpan.
P.S. If your blog is not progressing well, has few visitors, perhaps a serious mistake was made when creating it, because a blog must be created in a strictly defined sequence. To check the correctness of creation and promotion, and check, then correct errors.
Properly written and optimized articles influence blog promotion. How to correctly write and optimize articles, how to work with comments correctly is written in my book ““, download the book, it will benefit you.
Receive new blog articles directly to your email. Fill out the form, click the "Subscribe" button
I never thought that I would write this article and right now. But I have to, because the problem affected me personally. The problem is not spam as such. And the problem is not how to deal with it, but the problem is how the fight against spam affected me, or rather not me, but my site, where you are now, dear reader.
In short, the point is this: there is an Akismet plugin that automatically filters spam comments on your website. The plugin is useful - no questions asked! Its benefits are everywhere; without it, your blog would drown in a stream of spam, and you would choke on this stream, stopping and throwing this garbage overboard. But here's the problem. This plugin works according to the principle: I pressed it once, I thought, pressed twice, you’re screwed! Or, in other words, if you click on someone’s spam comment on your website, then that’s it, that person will no longer get through to your website! No matter how he tries, his link to the site is recorded, his IP address is recorded, his gravatar soap is recorded.
So what - you ask. Otherwise! The database is common to the entire Internet. That is, statistics flow into the database from all over the Internet. And if somewhere, someone clicks spam on you once, then nothing bad will happen. But if there are several such clicks, then you have problems... As you probably already guessed, I have such problems. I admit honestly - due to the inexperience of a novice blogger, a la webmaster, at first I wrote comments with links to people on their sites - I invited them to MLM -project. But there was little sense and soon I... What happened next, I have no idea. But the fact is a fact - I can’t write comments - I’m banned from almost all sites that have the plugin activated. How I sinned and whom I angered, I don’t even know.
Now, in order to leave a comment, I have to pervert myself - change the link in the site address field, and send this type of text: “Dear admin! I left you a comment on your article, but it most likely ended up in the spam folder - the Akismet plugin banned me by mistake. If you don't mind, please remove my previous comment from spam, and send this one to the trash, but NOT to spam! Thank you in advance". If suddenly, dear reader, you recognize this text, don’t blame me – I was trying to get to you, trying to bypass the plugin.
The most interesting thing is that attempts to write to Akismetov’s technical support did not produce any effect other than dead, deaf silence, like in a tank. They don’t have the time to deal with such small fry who activated their creation for free. What is most interesting is that the Akismet people themselves, in the description of their miracle technology, claim that clicking the spam button does not affect the ability to leave comments on other sites - where you clicked, they will not be allowed there. But this is only in their description; in reality it is not at all like that.
Therefore, I have a huge request to you, dear colleagues - do not just click the spam button on your website on comments that you think are objectionable to you. It’s not a fact that you always and everywhere write everything that the authors want to hear, and it’s not a fact that the same thing won’t happen to you. I, of course, will not claim that spam is not being sent from my IP, although I checked this and was not noticed anywhere, despite the fact that I know for DEFINITELY that I did not do this, because I myself do not tolerate spam and such methods I don’t even understand, due to their stupidity. I’m probably left thinking that someone didn’t like me with my comments. Well, I apologize if I offended anyone, although I in no way set this goal for myself. But you can simply delete a comment to the trash bin - if someone is not stupid, they will understand that they are not welcome, why ruin each other’s lives everywhere? It is so?
Finally, I want to tell you that I will be glad to see you again on the blog pages and ask you to leave your opinion if you also encounter such a problem. Also, watch the video about spam in the comments for clarity. And so that you don't have any accidental clicks. Remember that on the Internet, every word and letter is recorded and your every action is recorded forever. Once again, I'm sorry if I offended or disturbed anyone.
P.S. I’ll make a video when the spam appears for clarity, otherwise I just cleared everything - I didn’t think it would be useful.
P.P.S. Comments appeared in the spam folder, so I recorded a video, watch it, it might come in handy.
Follow the buttons, tell your friends about the article - this will lead to money!
