Comments Post Rewriter
February 20th, 2007
Quix0r
I had been meaning to mention this plugin for some time, and actually thought I had, until Quix0r stopped by, and mentioned it. I then realized I never actually got around to blogging it.
I personally have been blessed by the combination of Spam Karma2 and Bad Behavior (maybe it’s due to the fact that I have donated to the authors, hint, hint) but anyway, many people still run into issues with spam, and this one seems like a good addition to the arsenal. I’ll leave the technical explanation to the author, but my basic understanding is it “hides” the name of the file that most spammers attack, so basically they are missing the target. Sounds good, and appears to be successful for those that need it. Worth checking out if you are still having issues with spam.
Well, it’s not (yet) “hiding” the input fields away. It is currently “only” inserting an authorization key into the URL when you post your comment. This is mostly POST /wp-comments-post.php. Now, my JavaScript code is inserting the key into it like this: wp-comments-post-xxxxxxxxxx.php. But the spambots are (currently, good!
) not so smart to “guess” or execute the JavaScript code embeded in the HTML code.
So they will still post to wp-comments-post.php but not wp-comments-poost-xxxxxxxxxx.php.
And when they have found a (time-limited) valid key they can use it only on one post and only once on the same post. 
If you still not know what I mean here, please check your logiles. You will find entries like the one above there: POST /wp-comments-post.php. Exactly there my CPR plugin will insert the unique authorization key!
Okay, I backlink your post from my blog. Just a second…
And, well, may I know the reason for that you never come around blogging about my plugin? I don’t want to force you here… :/
huh? I just blogged about the plugin, and said I thought I had. Sorry for the delay, and thanks for offering another layer of spam protection to WP bloggers.