Monday, April 9, 2007

Open Season on Comments

Now that WordPress is in place, I have two plugins to protect against junk comments (i.e.- SPAM!). As a result, all posts on the site are open to comments again!

Under MovableType, I simply closed each post to comments after 14 days because that was about how long it took the SPAM engines to find them and start littering them with objectionable material. With WordPress, it says in fine print that we can use a little less brute force and a lot more finesse to achieve the same result.

Keep reading for more details...

(Before anyone out there complains that I'm being unfair to MovableType, I am aware that I was using a very very old version of their software. This was a result of their shift from a free (though not open-source) license to a commercial license that I chose not to pay for, so I kept running the really old version with its free license. Had I paid for the latest and greatest, I am sure it would have had some kind of similar abilities.)

First, Akismet is a very popular plugin that checks comments against a database of known spammish comments and blocks them. This should prevent those horrible comments that show up by the dozen, advertising anything from online poker to medicines that cure the world (and your personal problems too!)

At the same time, I'm running a plugin called "cryptographp" (a sort-of play on words as it is written in PHP) that generates "CAPTCHAS" for comments. I'm sure everyone has seen these little images before, where you have to decipher the letters and numbers in an image to prove that you are a real-live human being (or at least a well-trained monkey) before you can leave a comment. Hopefully this added requirement won't be too annoying, but I always think it's fun to try out new things.

For those that are curious, CAPTCHA officially stands for "Completely Automated Public Turing test to tell Computers and Humans Apart" (courtesy of Wikipedia). I think they left out a few letters, but I suppose pronunciation would be a bother with "capttttcaha"...

[editor's note: you may or may not see CAPTCHA's when leaving comments going forward, as I am still experimenting with spam detection packages that may replace cryptographp.]