[drupal-devel] simple and effective comment spam prevention
exists and works
Larry Garfield
larry at garfieldtech.com
Sat Oct 1 17:26:14 UTC 2005
Um, isn't that the idea behind a captcha? We've got that already.
http://drupal.org/project/captcha
On Saturday 01 October 2005 10:44 am, Theodore Serbinski wrote:
> One method we may want to look into. When a session is created a for
> user and they are on a page that allows comments, we come up with a
> unique hash based on say the node ID and session ID. We store this in
> the user's session. When the user goes to create a comment, we pass
> this unique hash with a hidden input field and when they click "post
> comment" we verify this input hidden hash against one stored in the
> user's session. This should prevent most spam comments, IMO.
>
> ted
>
> On 10/1/05, Khalid B <kb at 2bits.com> wrote:
> > This defense may work for a while, but will be very short lived.
> >
> > Spam bots will be upgraded to fake a referer that contains the domain
> > name.
> >
> > The spam arms race continues ...
--
Larry Garfield AIM: LOLG42
larry at garfieldtech.com ICQ: 6817012
"If nature has made any one thing less susceptible than all others of
exclusive property, it is the action of the thinking power called an idea,
which an individual may exclusively possess as long as he keeps it to
himself; but the moment it is divulged, it forces itself into the possession
of every one, and the receiver cannot dispossess himself of it." -- Thomas
Jefferson
More information about the drupal-devel
mailing list