Tempus Fugit

Mark Jaquith's personal blog

WordPress: Snowball Effect

Update: The code from this plugin has been improved and merged into the excellent Spam Karma plugin. It really is the end-all of WP antispam plugins, and I recommend that you use it.

Some discussion on #wordpress and on the wp-hackers mailing list gave me this idea.

As WordPress spammers get more intelligent, they are going to realize that some people are using URI blacklists to block certain notorious spam-sites. Comments posted with these URIs won’t make it. So what is to prevent the spammer from trying other URIs until he finds one that isn’t blacklisted, and then launching a torrent of spam? Nothing. And what if they get lucky the first time and don’t trigger the blacklist? They’re free to post to their heart’s content.

So here’s the plugin I wrote to change that. Please note: while this should work in WordPress 1.2, there will be “comment posted” e-mails sent to the author even for comments that are put into moderation with this plugin. This is unavoidable in 1.2. In WordPress 1.3, it can intercept those e-mails.

The plugin works by checking to see if there are any comments in moderation or that have been posted in the last 24 hours that have the same IP address, e-mail address, comment body, or URI as the current comment being submitted. If there are more than 5 (default) comments that match any of those fields, the comment is sent to moderation, and all similar comments within the past 24 hours are retroactively sent to moderation. This check only occurs if the comment gets past WP’s built-in moderation.

The plugin has a safety feature so that legitimate commenters don’t get put into moderation just for posting a lot of comments on one day. The plugin takes into account the total number of comments posted by that commenter, and only if the last day’s comments are disproportionally more than the total number of comments posted prior to 24 hours ago do those comments go into moderation. The multiplier that determines this can be set by the user.

Download

WP Snowball Effect v1.0

Instructions

Copy-paste the text of the plugin into a file (call it whatever you like). Make SURE that there are no spaces before the opening <?php or after the closing ?>. Upload the file to your plugins directory, and activate it using the interface.

If you like, you may change the default settings. Setting $trigger lower will probably catch more spam, but if a legitimate commenter who doesn’t have a number of previous comments leaves a large number of comments in a 24 hour period, his comments will be moderated until you approve them.

The other setting is $friendly_multiplier which is the number that is multiplied by the number of recent comments and compared against the number of old comments. If you want to reduce the number of previous comments required to overrule a heavy day of commenting by a user, set this lower. Setting it to 0.5 means that the user would have to leave twice as many comments in a 24 hour period than he has left in the period prior.

This plugin is highly effective against big sudden spam attacks because it can recognize the common thing among the spam (be it the IP address, the URI, the content, or the e-mail address) and go back and unapprove any spam that got through at first.

Let me know how it works for you and feel free to suggest any improvements.

Comments

  1. I get the following when people try to post comments to my blog:

    Warning: Cannot modify header information – headers already sent by (output started at /var/www/html/wordpress/wp-includes/wp-db.php:80) in /var/www/html/wordpress/wp-comments-post.php on line 191

    Warning: Cannot modify header information – headers already sent by (output started at /var/www/html/wordpress/wp-includes/wp-db.php:80) in /var/www/html/wordpress/wp-comments-post.php on line 197

    I’ve disabled the plugin, and now everything works fine. Do you know what’s happening? How do I get rid of those messages?

  2. It’s possible that there was an error when you uploaded the plugin. Make sure you copy/paste the text, don’t save the file. Then make sure there are no spaces before the leading <php and none after the ending ?> and then upload it in ASCII mode.

Trackbacks

  1. Posted by Mark | October 22nd, 2004 @ 3:02 AM | Category: “WordPress” [IMG Permalink]Permalink |[IMG Add a comment]Add a comment | [IMG Printer-friendly version of this entry]Print Rosemary has posted back-to-back short biographies of First Lady Laura Bush and First Lady hopeful Teresa Heinz Kerry. There are bound to be things there that you didn

  3. been placed in the queue for moderation. Now if a spammer cleverly gets past all this and successfully starts to post comments, I installed Mark’s Snowball Effect plug-in to catch those. As Mark describes: The plugin works by checking to see if there are any comments in moderation or that

  5. I just installed Kitten’s Spaminator and Snowball Effect so hopefully my referer list and comments will be much cleaner than before. Everyone else who owns a wordpress blog should probably have these plugins [IMG :)] Isn’t open source great?

  9. sortie la cavalerie j ai allonge l intervalle entre 2 commentaires de 5 mn avec a la clef une redirection vers paypal et j ai installe snowball effect il entre dans la composition de spamkarma ca marche un peu comme les budget de l éducation nationalle tu arrives avec ton ip tu laisses

  12. […] Misschien komt het omdat ik het meest thuis ben in WordPress, maar daar lijken de meeste oplossingen voor te zijn. De minst indrukwekkende is WP-Blacklist, deels plugin, deels hack en daardoor nogal lastig te installeren. Bovendien doet hij niet helemaal wat hij moet doen. Zelf gebruik ik een combinatie van twee plugins: Kittens Spam Words en Three Strikes. Three Strikes biedt sinds begin januari ook bescherming tegen trackbackspam. Andere goede oplossingen zijn Kittens Spaminator en het door Boneless in de comments achtergelaten Authimage. Authimage toont een plaatje met willekeurige tekst die de reageerder moet overnemen alvorens te kunnen reageren, vergelijkbaar met het bij Moveable Type genoemde MT-Captcha. Twijfelachtig is de werking van Kittens Comment Pay. Het idee is aardig, commentspammers krijgen een redirect naar je paypal account en na betaling mogen ze dan een spamreactie plaatsen, maar of je werkelijk ooit een cent ontvangt is de vraag. Snowball is verwerkt in Spam Karma, wat ook een verschrikkelijk goede anti-spam (zowel comment als trackback) oplossing schijnt te zijn, maar ja, never change a winning team. […]

  14. […] Found yet another nice anti spam plugin at Mark’s place Tempus Fugit. Snowball Effect checks for same poster and puts into moderation queue when the number of comments in the last 24 hours exceeds X. Even retrospectivly. […]