Anti-spam - Version 3.0

Version Description

  • 2014-12-02 =
  • added 'spam points' algorithm
  • refactor code structure
Download this release

Release Info

Developer webvitaly
Plugin Icon 128x128 Anti-spam
Version 3.0
Comparing to
See all releases

Code changes from version 2.6 to 3.0

Files changed (4) hide show
  1. anti-spam.php +107 -54
  2. js/anti-spam-3.0.js +41 -0
  3. js/anti-spam.js +0 -39
  4. readme.txt +43 -17
anti-spam.php CHANGED
@@ -3,7 +3,7 @@
3
  Plugin Name: Anti-spam
4
  Plugin URI: http://wordpress.org/plugins/anti-spam/
5
  Description: No spam in comments. No captcha.
6
- Version: 2.6
7
  Author: webvitaly
8
  Author URI: http://web-profile.com.ua/wordpress/plugins/
9
  License: GPLv3
@@ -15,33 +15,42 @@ $antispam_allow_trackbacks = false; // if true, than trackbacks will be allowed
15
  // trackbacks almost not used by users, but mostly used by spammers; pingbacks are always enabled
16
  // more about the difference between trackback and pingback - http://web-profile.com.ua/web/trackback-vs-pingback/
17
 
18
- $antispam_version = '2.6';
19
 
 
 
 
 
 
 
 
 
 
20
 
21
- if ( ! function_exists('antispam_enqueue_script') ) :
 
22
  function antispam_enqueue_script() {
23
- global $antispam_version;
24
- if (!is_admin()) {
25
- wp_enqueue_script('anti-spam-script', plugins_url('/js/anti-spam.js', __FILE__), array('jquery'), $antispam_version);
26
  }
27
  }
28
- add_action('init', 'antispam_enqueue_script');
29
  endif; // end of antispam_enqueue_script()
30
 
31
 
32
- if ( ! function_exists('antispam_form_part') ) :
33
  function antispam_form_part() {
34
- global $antispam_version;
35
  if ( ! is_user_logged_in() ) { // add anti-spam fields only for not logged in users
36
- echo '<p class="comment-form-antispm" style="clear: both;">
37
  <strong>Current ye@r</strong> <span class="required">*</span>
38
- <input type="hidden" name="antispm-a" class="antispm-a" value="'.date('Y').'" />
39
- <input type="text" name="antispm-q" class="antispm-q" value="'.$antispam_version.'" />
40
  </p>'; // question (hidden with js) [required="required"]
41
 
42
- echo '<p class="comment-form-antispm-2" style="display: none;">
43
  <strong>Leave this field empty</strong>
44
- <input type="text" name="antispm-e-email-url" class="antispm-e-email-url" value="" />
45
  </p>'; // empty field (hidden with css)
46
  }
47
  }
@@ -49,89 +58,133 @@ if ( ! function_exists('antispam_form_part') ) :
49
  endif; // end of antispam_form_part()
50
 
51
 
52
- if ( ! function_exists('antispam_check_comment') ) :
53
  function antispam_check_comment($commentdata) {
54
- global $antispam_send_spam_comment_to_admin, $antispam_allow_trackbacks;
 
 
 
55
  extract($commentdata);
56
 
57
  $antispam_pre_error_message = '<p><strong><a href="javascript:window.history.back()">Go back</a></strong> and try again.</p>';
58
  $antispam_error_message = '';
59
 
60
- if ($antispam_send_spam_comment_to_admin) { // if sending email to admin is enabled
61
- $antispam_admin_email = get_option('admin_email'); // admin email
62
-
63
  $post = get_post($comment->comment_post_ID);
64
- $antispam_message_spam_info = 'Spam for post: "'.$post->post_title.'"' . "\r\n";
65
- $antispam_message_spam_info .= get_permalink($comment->comment_post_ID) . "\r\n\r\n";
66
 
67
- $antispam_message_spam_info .= 'IP: ' . $_SERVER['REMOTE_ADDR'] . "\r\n";
68
- $antispam_message_spam_info .= 'User agent: ' . $_SERVER['HTTP_USER_AGENT'] . "\r\n";
69
- $antispam_message_spam_info .= 'Referer: ' . $_SERVER['HTTP_REFERER'] . "\r\n\r\n";
70
 
71
- $antispam_message_spam_info .= 'Comment data:'."\r\n"; // lets see what comment data spammers try to submit
72
  foreach ($commentdata as $key => $value) {
73
- $antispam_message_spam_info .= '$commentdata['.$key. '] = '.$value."\r\n"; // .chr(13).chr(10)
74
  }
75
- $antispam_message_spam_info .= "\r\n\r\n";
76
 
77
- $antispam_message_spam_info .= 'Post vars:'."\r\n"; // lets see what post vars spammers try to submit
78
  foreach ($_POST as $key => $value) {
79
- $antispam_message_spam_info .= '$_POST['.$key. '] = '.$value."\r\n"; // .chr(13).chr(10)
80
  }
81
- $antispam_message_spam_info .= "\r\n\r\n";
82
 
83
- $antispam_message_spam_info .= 'Cookie vars:'."\r\n"; // lets see what cookie vars spammers try to submit
84
  foreach ($_COOKIE as $key => $value) {
85
- $antispam_message_spam_info .= '$_COOKIE['.$key. '] = '.$value."\r\n"; // .chr(13).chr(10)
86
  }
87
- $antispam_message_spam_info .= "\r\n\r\n";
88
 
89
- $antispam_message_append = '-----------------------------'."\r\n";
90
- $antispam_message_append .= 'This is spam comment rejected by Anti-spam plugin - wordpress.org/plugins/anti-spam/' . "\r\n";
91
- $antispam_message_append .= 'You may edit "anti-spam.php" file and disable this notification.' . "\r\n";
92
- $antispam_message_append .= 'You should find "$antispam_send_spam_comment_to_admin" and make it equal to "false".' . "\r\n";
93
  }
94
 
95
- if ( ! is_user_logged_in() && $comment_type != 'pingback' && $comment_type != 'trackback' ) { // logged in user is not a spammer
96
  $spam_flag = false;
97
 
98
- if ( array_key_exists('antispm-q', $_POST) && trim($_POST['antispm-q']) != date('Y') ) { // answer is wrong - maybe spam
99
  $spam_flag = true;
100
- if ( empty( $_POST['antispm-q'] ) ) { // empty answer - maybe spam
101
- $antispam_error_message .= 'Error: empty answer. ['.$_POST['antispm-q'].']<br> ';
102
  } else {
103
- $antispam_error_message .= 'Error: answer is wrong. ['.$_POST['antispm-q'].']<br> ';
104
  }
105
  }
106
 
107
- if ( ! empty( $_POST['antispm-e-email-url'] ) ) { // field is not empty - maybe spam
108
  $spam_flag = true;
109
- $antispam_error_message .= 'Error: field should be empty. ['.$_POST['antispm-e-email-url'].']<br> ';
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
110
  }
111
 
112
- if ( $spam_flag ) { // if we have spam
113
- if ( $antispam_send_spam_comment_to_admin ) { // if sending email to admin is enabled
 
114
  $antispam_subject = 'Spam comment on site ['.get_bloginfo('name').']'; // email subject
115
  $antispam_message = '';
116
- $antispam_message .= $antispam_error_message . "\r\n\r\n";
117
  $antispam_message .= $antispam_message_spam_info; // spam comment, post, cookie and other data
118
  $antispam_message .= $antispam_message_append;
119
- @wp_mail($antispam_admin_email, $antispam_subject, $antispam_message); // send spam comment to admin email
120
  }
121
  wp_die( $antispam_pre_error_message . $antispam_error_message ); // die - do not send comment and show errors
122
  }
123
  }
124
 
125
- if ( ! $antispam_allow_trackbacks ) { // if trackbacks are blocked (pingbacks are alowed)
126
  if ($comment_type == 'trackback') { // if trackbacks ( || $comment_type == 'pingback')
127
  $antispam_error_message .= 'Error: trackbacks are disabled.<br> ';
128
- if ( $antispam_send_spam_comment_to_admin ) { // if sending email to admin is enabled
129
  $antispam_subject = 'Spam trackback on site ['.get_bloginfo('name').']'; // email subject
130
  $antispam_message = '';
131
- $antispam_message .= $antispam_error_message . "\r\n\r\n";
132
  $antispam_message .= $antispam_message_spam_info; // spam comment, post, cookie and other data
133
  $antispam_message .= $antispam_message_append;
134
- @wp_mail($antispam_admin_email, $antispam_subject, $antispam_message); // send trackback comment to admin email
135
  }
136
  wp_die($antispam_pre_error_message . $antispam_error_message); // die - do not send trackback
137
  }
@@ -140,13 +193,13 @@ if ( ! function_exists('antispam_check_comment') ) :
140
  return $commentdata; // if comment does not looks like spam
141
  }
142
 
143
- if ( ! is_admin() ) {
144
  add_filter('preprocess_comment', 'antispam_check_comment', 1);
145
  }
146
  endif; // end of antispam_check_comment()
147
 
148
 
149
- if ( ! function_exists('antispam_plugin_meta') ) :
150
  function antispam_plugin_meta($links, $file) { // add some links to plugin meta row
151
  if (strpos($file, 'anti-spam.php') !== false) {
152
  $links = array_merge($links, array('<a href="http://web-profile.com.ua/wordpress/plugins/anti-spam/" title="Plugin page">Anti-spam</a>'));
3
  Plugin Name: Anti-spam
4
  Plugin URI: http://wordpress.org/plugins/anti-spam/
5
  Description: No spam in comments. No captcha.
6
+ Version: 3.0
7
  Author: webvitaly
8
  Author URI: http://web-profile.com.ua/wordpress/plugins/
9
  License: GPLv3
15
  // trackbacks almost not used by users, but mostly used by spammers; pingbacks are always enabled
16
  // more about the difference between trackback and pingback - http://web-profile.com.ua/web/trackback-vs-pingback/
17
 
 
18
 
19
+ $antispam_settings = array(
20
+ 'send_spam_comment_to_admin' => $antispam_send_spam_comment_to_admin,
21
+ 'allow_trackbacks' => $antispam_allow_trackbacks,
22
+ 'version' => '3.0',
23
+ 'admin_email' => get_option('admin_email'),
24
+ 'max_spam_points' => 3, // if more - it is spam
25
+ 'max_links_number' => 2, // if more - +1 spam point
26
+ 'max_comment_length' => 2000 // if more - +1 spam point
27
+ );
28
 
29
+
30
+ if ( ! function_exists('antispam_enqueue_script')):
31
  function antispam_enqueue_script() {
32
+ global $antispam_settings;
33
+ if (is_singular() && comments_open()) { // load script only for pages with comments form
34
+ wp_enqueue_script('anti-spam-script', plugins_url('/js/anti-spam-3.0.js', __FILE__), array('jquery'), $antispam_settings['version'], true);
35
  }
36
  }
37
+ add_action('wp_enqueue_scripts', 'antispam_enqueue_script');
38
  endif; // end of antispam_enqueue_script()
39
 
40
 
41
+ if ( ! function_exists('antispam_form_part')):
42
  function antispam_form_part() {
43
+ global $antispam_settings;
44
  if ( ! is_user_logged_in() ) { // add anti-spam fields only for not logged in users
45
+ echo '<p class="antispam-group antispam-group-q" style="clear: both;">
46
  <strong>Current ye@r</strong> <span class="required">*</span>
47
+ <input type="hidden" name="antspm-a" class="antispam-control antispam-control-a" value="'.date('Y').'" />
48
+ <input type="text" name="antspm-q" class="antispam-control antispam-control-q" value="'.$antispam_settings['version'].'" />
49
  </p>'; // question (hidden with js) [required="required"]
50
 
51
+ echo '<p class="antispam-group antispam-group-e" style="display: none;">
52
  <strong>Leave this field empty</strong>
53
+ <input type="text" name="antspm-e-email-url-website" class="antispam-control antispam-control-e" value="" />
54
  </p>'; // empty field (hidden with css)
55
  }
56
  }
58
  endif; // end of antispam_form_part()
59
 
60
 
61
+ if ( ! function_exists('antispam_check_comment')):
62
  function antispam_check_comment($commentdata) {
63
+ global $antispam_settings;
64
+ $spam_points = 0;
65
+ $rn = "\r\n"; // .chr(13).chr(10)
66
+
67
  extract($commentdata);
68
 
69
  $antispam_pre_error_message = '<p><strong><a href="javascript:window.history.back()">Go back</a></strong> and try again.</p>';
70
  $antispam_error_message = '';
71
 
72
+ if ($antispam_settings['send_spam_comment_to_admin']) { // if sending email to admin is enabled
 
 
73
  $post = get_post($comment->comment_post_ID);
74
+ $antispam_message_spam_info = 'Spam for post: "'.$post->post_title.'"' . $rn;
75
+ $antispam_message_spam_info .= get_permalink($comment->comment_post_ID) . $rn.$rn;
76
 
77
+ $antispam_message_spam_info .= 'IP: ' . $_SERVER['REMOTE_ADDR'] . $rn;
78
+ $antispam_message_spam_info .= 'User agent: ' . $_SERVER['HTTP_USER_AGENT'] . $rn;
79
+ $antispam_message_spam_info .= 'Referer: ' . $_SERVER['HTTP_REFERER'] . $rn.$rn;
80
 
81
+ $antispam_message_spam_info .= 'Comment data:'.$rn; // lets see what comment data spammers try to submit
82
  foreach ($commentdata as $key => $value) {
83
+ $antispam_message_spam_info .= '$commentdata['.$key. '] = '.$value.$rn;
84
  }
85
+ $antispam_message_spam_info .= $rn.$rn;
86
 
87
+ $antispam_message_spam_info .= 'Post vars:'.$rn; // lets see what post vars spammers try to submit
88
  foreach ($_POST as $key => $value) {
89
+ $antispam_message_spam_info .= '$_POST['.$key. '] = '.$value.$rn;
90
  }
91
+ $antispam_message_spam_info .= $rn.$rn;
92
 
93
+ $antispam_message_spam_info .= 'Cookie vars:'.$rn; // lets see what cookie vars spammers try to submit
94
  foreach ($_COOKIE as $key => $value) {
95
+ $antispam_message_spam_info .= '$_COOKIE['.$key. '] = '.$value.$rn;
96
  }
97
+ $antispam_message_spam_info .= $rn.$rn;
98
 
99
+ $antispam_message_append = '-----------------------------'.$rn;
100
+ $antispam_message_append .= 'This is spam comment rejected by Anti-spam plugin - wordpress.org/plugins/anti-spam/' . $rn;
101
+ $antispam_message_append .= 'You may edit "anti-spam.php" file and disable this notification.' . $rn;
102
+ $antispam_message_append .= 'You should find "$antispam_send_spam_comment_to_admin" and make it equal to "false".' . $rn;
103
  }
104
 
105
+ if ( ! is_user_logged_in() && $comment_type != 'pingback' && $comment_type != 'trackback') { // logged in user is not a spammer
106
  $spam_flag = false;
107
 
108
+ if (trim($_POST['antspm-q']) != date('Y')) { // year-answer is wrong - it is spam
109
  $spam_flag = true;
110
+ if (empty($_POST['antspm-q'])) { // empty answer - it is spam
111
+ $antispam_error_message .= 'Error: empty answer. ['.$_POST['antspm-q'].']<br> '.$rn;
112
  } else {
113
+ $antispam_error_message .= 'Error: answer is wrong. ['.$_POST['antspm-q'].']<br> '.$rn;
114
  }
115
  }
116
 
117
+ if ( ! empty($_POST['antspm-e-email-url-website'])) { // trap field is not empty - it is spam
118
  $spam_flag = true;
119
+ $antispam_error_message .= 'Error: field should be empty. ['.$_POST['antspm-e-email-url-website'].']<br> '.$rn;
120
+ }
121
+
122
+ // if comment passed general checks lets add extra check
123
+ if (empty($_COOKIE)) { // probably spam
124
+ $spam_points += 1;
125
+ $antispam_error_message .= 'Info: COOKIE array is empty. +1 spam point.<br> '.$rn;
126
+ }
127
+
128
+ if ( ! empty($commentdata[comment_author_url])) { // probably spam
129
+ $spam_points += 1;
130
+ $antispam_error_message .= 'Info: URL field is not empty. +1 spam point.<br> '.$rn;
131
+ }
132
+
133
+ $links_count = substr_count($commentdata[comment_content], 'http');
134
+ if ($links_count > $antispam_settings['max_links_number']) { // probably spam
135
+ $spam_points += 1;
136
+ $antispam_error_message .= 'Info: comment contains too many links ['.$links_count.' links; max = '.$antispam_settings['max_links_number'].']. +1 spam point.<br> '.$rn;
137
+ }
138
+
139
+ if (strpos($commentdata[comment_content], '</') !== false) { // probably spam
140
+ $spam_points += 1;
141
+ $antispam_error_message .= 'Info: comment contains html. +1 spam point.<br> '.$rn;
142
+ }
143
+
144
+ $comment_length = strlen($commentdata[comment_content]);
145
+ if ($comment_length > $antispam_settings['max_comment_length']) { // probably spam
146
+ $spam_points += 1;
147
+ $antispam_error_message .= 'Info: comment is too long ['.$comment_length.' chars; max = '.$antispam_settings['max_comment_length'].']. +1 spam point.<br> '.$rn;
148
+ }
149
+
150
+ if (strpos($commentdata[comment_content], 'rel="nofollow"') !== false) { // probably spam
151
+ $spam_points += 1;
152
+ $antispam_error_message .= 'Info: comment contains rel="nofollow" code. +1 spam point.<br> '.$rn;
153
+ }
154
+
155
+ if (strpos($commentdata[comment_content], '[/url]') !== false) { // probably spam
156
+ $spam_points += 1;
157
+ $antispam_error_message .= 'Info: comment contains [/url] code. +1 spam point.<br> '.$rn;
158
+ }
159
+
160
+ if ($spam_points > 0) {
161
+ $antispam_error_message .= 'Total spam points = '.$spam_points.' [max = '.$antispam_settings['max_spam_points'].']<br> '.$rn;
162
  }
163
 
164
+ if ($spam_flag || $spam_points > $antispam_settings['max_spam_points']) { // it is spam
165
+ $antispam_error_message .= '<strong>Comment was blocked because it is spam.</strong><br> ';
166
+ if ($antispam_settings['send_spam_comment_to_admin']) { // if sending email to admin is enabled
167
  $antispam_subject = 'Spam comment on site ['.get_bloginfo('name').']'; // email subject
168
  $antispam_message = '';
169
+ $antispam_message .= $antispam_error_message . $rn.$rn;
170
  $antispam_message .= $antispam_message_spam_info; // spam comment, post, cookie and other data
171
  $antispam_message .= $antispam_message_append;
172
+ @wp_mail($antispam_settings['admin_email'], $antispam_subject, $antispam_message); // send spam comment to admin email
173
  }
174
  wp_die( $antispam_pre_error_message . $antispam_error_message ); // die - do not send comment and show errors
175
  }
176
  }
177
 
178
+ if ( ! $antispam_settings['allow_trackbacks']) { // if trackbacks are blocked (pingbacks are alowed)
179
  if ($comment_type == 'trackback') { // if trackbacks ( || $comment_type == 'pingback')
180
  $antispam_error_message .= 'Error: trackbacks are disabled.<br> ';
181
+ if ($antispam_settings['send_spam_comment_to_admin']) { // if sending email to admin is enabled
182
  $antispam_subject = 'Spam trackback on site ['.get_bloginfo('name').']'; // email subject
183
  $antispam_message = '';
184
+ $antispam_message .= $antispam_error_message . $rn.$rn;
185
  $antispam_message .= $antispam_message_spam_info; // spam comment, post, cookie and other data
186
  $antispam_message .= $antispam_message_append;
187
+ @wp_mail($antispam_settings['admin_email'], $antispam_subject, $antispam_message); // send trackback comment to admin email
188
  }
189
  wp_die($antispam_pre_error_message . $antispam_error_message); // die - do not send trackback
190
  }
193
  return $commentdata; // if comment does not looks like spam
194
  }
195
 
196
+ if ( ! is_admin()) {
197
  add_filter('preprocess_comment', 'antispam_check_comment', 1);
198
  }
199
  endif; // end of antispam_check_comment()
200
 
201
 
202
+ if ( ! function_exists('antispam_plugin_meta')):
203
  function antispam_plugin_meta($links, $file) { // add some links to plugin meta row
204
  if (strpos($file, 'anti-spam.php') !== false) {
205
  $links = array_merge($links, array('<a href="http://web-profile.com.ua/wordpress/plugins/anti-spam/" title="Plugin page">Anti-spam</a>'));
js/anti-spam-3.0.js ADDED
@@ -0,0 +1,41 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ /*
2
+ Anti-spam plugin
3
+ No spam in comments. No captcha.
4
+ wordpress.org/plugins/anti-spam/
5
+ */
6
+
7
+ (function($) {
8
+
9
+ function anti_spam_init() {
10
+ $('.antispam-group').hide(); // hide inputs from users
11
+
12
+ var answer = $('.antispam-group .antispam-control-a').val(); // get answer
13
+ $('.antispam-group-q .antispam-control-q').val(answer); // set answer into other input instead of user
14
+ $('.antispam-group-e .antispam-control-e').val(''); // clear value of the empty input because some themes are adding some value for all inputs
15
+
16
+ var current_date = new Date();
17
+ var current_year = current_date.getFullYear();
18
+ var dynamic_control = '<input type="hidden" name="antspm-q" class="antispam-control-q" value="'+current_year+'" />';
19
+
20
+ if ($('#comments form .antispam-control-q').length == 0) { // anti-spam input does not exist (could be because of cache or because theme does not use 'comment_form' action)
21
+ $('#comments form').append(dynamic_control); // add whole input with answer via js to comment form
22
+ }
23
+
24
+ if ($('#respond form .antispam-control-q').length == 0) { // similar, just in case (used because user could bot have #comments)
25
+ $('#respond form').append(dynamic_control); // add whole input with answer via js to comment form
26
+ }
27
+
28
+ if ($('form#commentform .antispam-control-q').length == 0) { // similar, just in case (used because user could bot have #respond)
29
+ $('form#commentform').append(dynamic_control); // add whole input with answer via js to comment form
30
+ }
31
+ }
32
+
33
+ $(document).ready(function() {
34
+ anti_spam_init();
35
+ });
36
+
37
+ $(document).ajaxSuccess(function() { // add support for comments forms loaded via ajax
38
+ anti_spam_init();
39
+ });
40
+
41
+ })(jQuery);
js/anti-spam.js DELETED
@@ -1,39 +0,0 @@
1
- /*
2
- Anti-spam plugin
3
- No spam in comments. No captcha.
4
- wordpress.org/plugins/anti-spam/
5
- */
6
-
7
- (function($) {
8
-
9
- function anti_spam_init() {
10
- $('.comment-form-antispm, .comment-form-antispm-2').hide(); // hide inputs from users
11
- var answer = $('.comment-form-antispm input.antispm-a').val(); // get answer
12
- $('.comment-form-antispm input.antispm-q').val(answer); // set answer into other input instead of user
13
- $('.comment-form-antispm-2 input.antispm-e-email-url').val(''); // clear value of the empty input because some themes are adding some value for all inputs
14
-
15
- var current_date = new Date();
16
- var current_year = current_date.getFullYear();
17
-
18
- if ( $('#comments form input.antispm-q').length == 0 ) { // anti-spam input does not exist (could be because of cache or because theme does not use 'comment_form' action)
19
- $('#comments form').append('<input type="hidden" name="antispm-q" class="antispm-q" value="'+current_year+'" />'); // add whole input with answer via js to comment form
20
- }
21
-
22
- if ( $('#respond form input.antispm-q').length == 0 ) { // similar, just in case (used because user could bot have #comments)
23
- $('#respond form').append('<input type="hidden" name="antispm-q" class="antispm-q" value="'+current_year+'" />'); // add whole input with answer via js to comment form
24
- }
25
-
26
- if ( $('form#commentform input.antispm-q').length == 0 ) { // similar, just in case (used because user could bot have #respond)
27
- $('form#commentform').append('<input type="hidden" name="antispm-q" class="antispm-q" value="'+current_year+'" />'); // add whole input with answer via js to comment form
28
- }
29
- }
30
-
31
- $(document).ready(function() {
32
- anti_spam_init();
33
- });
34
-
35
- $(document).ajaxSuccess(function() { // add support for comments forms loaded via ajax
36
- anti_spam_init();
37
- });
38
-
39
- })(jQuery);
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
readme.txt CHANGED
@@ -4,7 +4,7 @@ Donate link: http://web-profile.com.ua/donate/
4
  Tags: spam, spammer, spammers, comment, comments, antispam, anti-spam, block-spam, spamfree, spam-free, spambot, spam-bot, bot
5
  Requires at least: 3.0
6
  Tested up to: 4.0
7
- Stable tag: 2.6
8
  License: GPLv3
9
  License URI: http://www.gnu.org/licenses/gpl.html
10
 
@@ -12,9 +12,10 @@ No spam in comments. No captcha.
12
 
13
  == Description ==
14
 
15
- [Anti-spam Pro](http://codecanyon.net/item/antispam-pro/6491169?ref=webvitaly "Upgrade to Pro") |
16
- [Anti-spam](http://web-profile.com.ua/wordpress/plugins/anti-spam/ "Plugin page") |
17
- [Donate](http://web-profile.com.ua/donate/ "Support the development")
 
18
 
19
  **Why humans should prove that they are humans by filling captchas? Lets bots prove that they are not bots with adding javascript to their user-agents!**
20
 
@@ -35,7 +36,7 @@ If you get an error - you may check the solution in the [Support section](http:/
35
  = Useful: =
36
  * [Anti-spam Pro](http://codecanyon.net/item/antispam-pro/6491169?ref=webvitaly "Upgrade to Pro")
37
  * ["Security-protection" - blocks brute-force attacks](http://wordpress.org/plugins/security-protection/ "stops brute-force attacks")
38
- * ["Page-list" - show list of pages with shortcodes](http://wordpress.org/plugins/page-list/ "list of pages with shortcodes")
39
 
40
  == Installation ==
41
 
@@ -44,17 +45,39 @@ If you get an error - you may check the solution in the [Support section](http:/
44
 
45
  == Frequently Asked Questions ==
46
 
47
- = How does Anti-spam plugin work ? =
 
 
 
 
48
 
49
- The blocking algorithm is based on 2 methods: 'invisible js-captcha' and 'invisible input trap'.
50
  The 'invisible js-captcha' method is based on fact that bots does not have javascript on their user-agents.
 
 
 
 
 
 
 
51
  The 'invisible input trap' method is based on fact that almost all the bots will fill inputs with name 'email' or 'url'.
 
 
 
 
 
 
 
 
52
 
53
- = How does Anti-spam plugin work in details? =
 
 
 
 
 
 
54
 
55
- Two extra hidden fields are added to comments form. First field is the question about the current year. Second field should be empty.
56
- If the user visits site, than first field is answered automatically with javascript, second field left blank and both fields are hidden by javascript and css and invisible for the user.
57
- If the spammer tries to submit comment form, he will make a mistake with answer on first field or tries to submit an empty field and spam comment will be automatically rejected.
58
 
59
  = How to test what spam comments are rejected? =
60
 
@@ -83,8 +106,7 @@ But if the script of the theme will not submit extra Anti-spam fields - so Anti-
83
 
84
  = What is the percentage of spam blocked? =
85
 
86
- Anti-spam plugin blocks about 99.9% of automatic spam messages (sent by spam-bots via post requests).
87
- But Anti-spam plugin will pass the messages which were submitted by spammers manually via browser. But such messages happens very rarely.
88
 
89
  = What about trackback spam? =
90
 
@@ -94,15 +116,16 @@ So trackbacks are blocked by default but pingbacks are enabled. You may enable t
94
  Edit [anti-spam.php](http://plugins.trac.wordpress.org/browser/anti-spam/trunk/anti-spam.php) file and find "$antispam_allow_trackbacks" and make it "true".
95
  You may read more about the [difference between trackbacks and pingbacks](http://web-profile.com.ua/web/trackback-vs-pingback/).
96
 
97
- = And one more thing... =
98
 
99
- If site has caching plugin enabled and cache is not cleared or if theme does not use 'comment_form' action - Anti-spam plugin does not worked. So in new version of the plugin now whole input added via javascript if it does not exist in html of the comments form.
 
100
 
101
  = Not enough information about the plugin? =
102
 
103
  You may check out the [source code of the plugin](http://plugins.trac.wordpress.org/browser/anti-spam/trunk/anti-spam.php).
104
- The plugin has about 100 lines of code and pretty easy to read. I was trying my best to make plugin's code clean.
105
- Plugin is small but it makes all the dirty work against spam pretty good. You may give it a try.
106
 
107
  = How to reduce the amount of spam? =
108
 
@@ -111,6 +134,9 @@ Do not order products from spam. If spam will be less effective than spammers wi
111
 
112
 
113
  == Changelog ==
 
 
 
114
 
115
  = 2.6 - 2014-11-30 =
116
  * reverting to ver.2.2 state (enqueue script using 'init' hook and into the header) because users start receiving spam messages
4
  Tags: spam, spammer, spammers, comment, comments, antispam, anti-spam, block-spam, spamfree, spam-free, spambot, spam-bot, bot
5
  Requires at least: 3.0
6
  Tested up to: 4.0
7
+ Stable tag: 3.0
8
  License: GPLv3
9
  License URI: http://www.gnu.org/licenses/gpl.html
10
 
12
 
13
  == Description ==
14
 
15
+ **[WordPress Pro plugins](http://codecanyon.net/popular_item/by_category?category=wordpress&ref=webvitaly)** |
16
+ **[Anti-spam Pro](http://codecanyon.net/item/antispam-pro/6491169?ref=webvitaly "Upgrade to Pro")** |
17
+ **[Anti-spam](http://web-profile.com.ua/wordpress/plugins/anti-spam/ "Plugin page")** |
18
+ **[Donate](http://web-profile.com.ua/donate/ "Support the development")**
19
 
20
  **Why humans should prove that they are humans by filling captchas? Lets bots prove that they are not bots with adding javascript to their user-agents!**
21
 
36
  = Useful: =
37
  * [Anti-spam Pro](http://codecanyon.net/item/antispam-pro/6491169?ref=webvitaly "Upgrade to Pro")
38
  * ["Security-protection" - blocks brute-force attacks](http://wordpress.org/plugins/security-protection/ "stops brute-force attacks")
39
+ * [WordPress Pro plugins](http://codecanyon.net/popular_item/by_category?category=wordpress&ref=webvitaly)
40
 
41
  == Installation ==
42
 
45
 
46
  == Frequently Asked Questions ==
47
 
48
+ = How does Anti-spam plugin work? =
49
+
50
+ The blocking algorithm is based on 3 methods: 'invisible js-captcha', 'invisible input trap' and 'spam points'.
51
+
52
+ = How does 'invisible js-captcha' method work? =
53
 
 
54
  The 'invisible js-captcha' method is based on fact that bots does not have javascript on their user-agents.
55
+ Extra hidden field is added to comments form.
56
+ It is the question about the current year.
57
+ If the user visits site, than this field is answered automatically with javascript, is hidden by javascript and css and invisible for the user.
58
+ If the spammer will fill year-field incorrectly - the comment will be blocked because it is spam.
59
+
60
+ = How does 'invisible input trap' method work? =
61
+
62
  The 'invisible input trap' method is based on fact that almost all the bots will fill inputs with name 'email' or 'url'.
63
+ Extra hidden field is added to comments form.
64
+ This field is hidden for the user and user will not fill it.
65
+ But this field is visible for the spammer.
66
+ If the spammer will fill this trap-field with anything - the comment will be blocked because it is spam.
67
+
68
+ = How does 'spam points' method work? =
69
+
70
+ Every comment will have +1 spam point for each truthy statement below:
71
 
72
+ * empty COOKIE array
73
+ * URL field is not empty
74
+ * comment contains too many links (3 or more)
75
+ * comment contains html
76
+ * comment is too long (more than 2000 chars)
77
+ * comment contains rel="nofollow" code
78
+ * comment contains [/url] code
79
 
80
+ If the comment will have more than 3 spam points - the comment will be blocked because it is spam.
 
 
81
 
82
  = How to test what spam comments are rejected? =
83
 
106
 
107
  = What is the percentage of spam blocked? =
108
 
109
+ Anti-spam plugin blocks more than 99.5% of spam messages.
 
110
 
111
  = What about trackback spam? =
112
 
116
  Edit [anti-spam.php](http://plugins.trac.wordpress.org/browser/anti-spam/trunk/anti-spam.php) file and find "$antispam_allow_trackbacks" and make it "true".
117
  You may read more about the [difference between trackbacks and pingbacks](http://web-profile.com.ua/web/trackback-vs-pingback/).
118
 
119
+ = And one more extra note... =
120
 
121
+ If site has caching plugin enabled and cache is not cleared or if theme does not use 'comment_form' action - Anti-spam plugin does not worked.
122
+ So in new version of the plugin now whole input added via javascript if it does not exist in html of the comments form.
123
 
124
  = Not enough information about the plugin? =
125
 
126
  You may check out the [source code of the plugin](http://plugins.trac.wordpress.org/browser/anti-spam/trunk/anti-spam.php).
127
+ The plugin is pretty small and easy to read. I was trying my best to make plugin's code clean.
128
+ Plugin is lightweight but it makes all the dirty work against spam pretty good. You may give it a try.
129
 
130
  = How to reduce the amount of spam? =
131
 
134
 
135
 
136
  == Changelog ==
137
+ = 3.0 - 2014-12-02 =
138
+ * added 'spam points' algorithm
139
+ * refactor code structure
140
 
141
  = 2.6 - 2014-11-30 =
142
  * reverting to ver.2.2 state (enqueue script using 'init' hook and into the header) because users start receiving spam messages