Please, block my comments

2005072831

WordPress tries real hard to keep blogs free of comment spam without any additional plugins. It’s a nice gesture though I hadn’t had any spamming issues until today. The issue seems to be the reverse of what one might expect–a comment that wasn’t spam was getting flagged as such. The trigger: a URL in the website field with more than one variable, in this case, 5 variables.

The commenter sent me an email telling me how crappy this site was that it wouldn’t take his comments (good thing too cause there was no notification from WordPress that it had done it’s job and attempted to block spam based on it’s list of rules). Not actually knowing WordPress was flagging the comment as spam, I dug through the database to see if the comment was getting lost in there. It was indeed there, but sporting ‘spam’ for the status field. So I fixed the status and the comment is now live. Excellent. Now to find out what’s so spammy about it.

No, WP isn’t smart enough to detect the misuse of a comment in the comment’s last sentence. And digging through the code, I couldn’t find the validation rules. I ended up running some tests. My first hunch was the URL left in the website field. So I started chopping that up to quickly find it is definitely the culprit. Take all the variables out and it works. Take one out, and it is still spam. Take out all but one and it works. Two, spam. So that seems to be it. It makes sense though. A URL with a ton of variables in it likely contains tracking data and keys to pull specific product/content. Why would anyone need that for the URL of their homepage? After all, that is what the website field is intended for. Long URLs are indeed acceptable in the actual comment field though, which has a different moderation technique that is customizable in the WP admin.

Thanks spam, you waste a lot of development time and make it hard for people without their own website to have fun with the website field on blogs.

Comments

  1. matches 20050728

    Yeah, the problem is Spam is just a huge jerk with brains-of-AIDs who doesn’t care what anyone things. Ants at the picnic.

    Long URLs with alot of variables?

    Also, grammar check on “there” in the last sentence.

  2. waytoocrowded 20050729

    That’s the exact URL I kept thinking of when I wrote this post.

    Also, grammar check on “things” in the first sentence.

    Also, grammar check on “alot” in the third sentence.

  3. matches 20050729

    Eeeeeuygh.

  4. se maj 20050730

    After reading your post I can’t tell whether you’re happy or sad with WP and the spam message. Are you happy that you know WP is working and blocking stuff? Are you upset that it didn’t tell you it was blocking stuff until I emailed you complaining your site didn’t work? Frustrated with the content/links WP considers to be spam? Mad at my random links in general? haha.

  5. waytoocrowded 20050730

    Some of both I guess. WP does its best so that’s good. For a site this small though, it might be nice to have an option of being alerted when a comment gets flagged as spam since I don’t generally have any spam issues. Of course if it was a big site that had more problems with that, being alerted to all of it would be just as annoying as having to go in and delete the junk yourself. And random links are always fun.


Skateboards and bikes are better at nights

Skateboards and bikes are better at nights. 0 comments.


Search WayTooCrowded
The Header Should Always Point Home