Comment spam is an inevitable annoyance when running a blog that welcomes reader feedback. The MT Blacklist plugin has been doing a pretty good job of helping me fend off unwanted advertisements for prescription drugs; that is until recently. These past few days i've been swarmed with links to thousands of on-line gambling sites. As a quick fix i followed this advice to reduce comment spam. By adding a unique, required hidden form field, it makes it harder for spammers to hit up every blog with the same code.
It's by no means a perfect solution but it's at least an added deterrent. The biggest weakness is that this method uses the same field name and value for all comments. I had been playing around with the idea of making a more secure method by using some sort of salted hash that factors in the both the IP address of the client and the article id if the post they are responding to. You could use these values to create unique form field names and values that can be verified on the server. Maybe i can play with some code this weekend.
UPDATE: This didn't work at all. Read the continuing saga.
Posted by Matthew at October 25, 2004 08:39 PM