Reduce WordPress Spam By Creating Fake Comment Forms For Spam Bots
Last month I gave tips on how to eliminate WordPress Spam forever. Today I’ve got an ever better tip for reducing comment spam on WordPress blogs, but should also work on other sites with comment forms.
My friend Billy came up with a neat mod to trick these spam bots on my site, which is increasingly coming under attack. Most comment spam comes from spam bots that try to post comments to the first comment forms they see. So, what I’ve done on this blog is create a few fake forms that are placed in front of the real comment form, and are invisible to real readers. This means that the stupid spam bots try and post spam to these forms first, and never make it through to the real forms so I never see the spam!
To add fake comment forms to your site do the following:
Create the Fake forms
- In your WordPress comments.php file look for the following lines:
- Directly inbetween these lines add the following:
<?php else : ?>
<form action="<?php echo get_option('siteurl'); ?>/wp-comments-post.php" method="post" id="commentform">
<?php /* ===============================fake =======================================*/?>
<div style="display:none;">
<form action="<?php echo get_option('siteurl'); ?>/fakecommentform.php" method="post" id="commentform">
<input type="text" name="author" id="author" value="" size="22" tabindex="1" />
<input type="text" name="email" id="email" value="" size="22" tabindex="2" />
<input type="text" name="url" id="url" value="" size="22" tabindex="3" />
<textarea name="comment" cols="20%" rows="10" tabindex="4">1</textarea>
<input name="submit" type="submit" id="submit" tabindex="5" value="Submit Comment" />
<input type="hidden" name="comment_post_ID" value="<?php rand(2000,5000); ?>" />
</form>
</div>
<div style="display:none;">
<form action="<?php echo get_option('siteurl'); ?>/fakecommentform.php" method="post" id="commentform">
<input type="text" name="author" id="author" value="" size="22" tabindex="1" />
<input type="text" name="email" id="email" value="" size="22" tabindex="2" />
<input type="text" name="url" id="url" value="" size="22" tabindex="3" />
<textarea name="comment" cols="20%" rows="10" tabindex="4">1</textarea>
<input name="submit" type="submit" id="submit" tabindex="5" value="Submit Comment" />
<input type="hidden" name="comment_post_ID" value="<?php rand(2000,5000); ?>" />
</form>
</div>
<?php /* ===============================fake end =======================================*/?>
so that your comments.php now looks like this:
<?php else : ?><?php /* ===============================fake =======================================*/?>
<div style="display:none;">
<form action="<?php echo get_option('siteurl'); ?>/fakecommentform.php" method="post" id="commentform">
<input type="text" name="author" id="author" value="" size="22" tabindex="1" />
<input type="text" name="email" id="email" value="" size="22" tabindex="2" />
<input type="text" name="url" id="url" value="" size="22" tabindex="3" />
<textarea name="comment" cols="20%" rows="10" tabindex="4">1</textarea>
<input name="submit" type="submit" id="submit" tabindex="5" value="Submit Comment" />
<input type="hidden" name="comment_post_ID" value="<?php rand(2000,5000); ?>" />
</form>
</div>
<div style="display:none;">
<form action="<?php echo get_option('siteurl'); ?>/fakecommentform.php" method="post" id="commentform">
<input type="text" name="author" id="author" value="" size="22" tabindex="1" />
<input type="text" name="email" id="email" value="" size="22" tabindex="2" />
<input type="text" name="url" id="url" value="" size="22" tabindex="3" />
<textarea name="comment" cols="20%" rows="10" tabindex="4">1</textarea>
<input name="submit" type="submit" id="submit" tabindex="5" value="Submit Comment" />
<input type="hidden" name="comment_post_ID" value="<?php rand(2000,5000); ?>" />
</form>
</div>
<?php /* ===============================fake end =======================================*/?>
<form action="<?php echo get_option('siteurl'); ?>/wp-comments-post.php" method="post" id="commentform">
Continue Reading This Post:12
Enjoyed This Tip? Subscribe Now For One Tip A Day!
| Posted 16th Feb 2007 Related Posts
- Complete Guide To Eliminating Blog Spam
- How To Control Text Inside Search Forms
- How To Eliminate WordPress Spam Forever!
- More In The Archives
February 16th, 2007 09:05 GMT
Hi Tony,
Most users usually have the
wp-comments-post.phpinstead ofwp-cpp.phpFebruary 16th, 2007 09:06 GMT
thanks will update now
February 16th, 2007 10:49 GMT
February 16th, 2007 11:39 GMT
Thats so simple, but so clever… I’m definitely going to try this… I’ve already reduced a lot of my spam by renaming the comments page, and blocking direct attempts to post to it with mod_security, but this should hopefully kill off those last few bots that do actually scan the page and try to find a comment form to post to.
February 16th, 2007 11:47 GMT
let me know how you get on - so far it’s working fine for me. If it works don’t forget to show some love and digg ajay’s submission.
Now all I need to do is work out a way to stop trackback spam as that’s all I’m getting now…..