十招阻止WordPress中的垃圾评论

时间:10-05-20 栏目:网络&技术 作者:wukong 评论:2 点击: 35,476 次

本文转载自WordPress啦!垃圾评论经常令blogger们头疼,它们占用了资源使得博客的运行速度也下降。这里就跟大家分享下,打击垃圾评论的十大招数。

1. 安装Akismet

这是最简单的方法,Akismet 是WordPress系统默认自带的一个很好的防垃圾评论方法,对于普通的blogger来说,安装Akismet后你的垃圾评论就会被挑选出来。但是也 有一个问题,它仅是找出了垃圾评论却不能从根本上解决问题。这也是为什么要写这篇文章的原因,我们将从最简单的将垃圾评论区分出来着手,之后转移到如何从 源头上阻止垃圾评论。

2. reCAPTCHA

reCAPTCHA 插件,你应该在FacebookTwitter StumbleUpon等 网站上有看到过此插件。什么是reCAPTCHA呢?它跟普通的CAPTCHA(图形验证码)不同,它是使用了从古书中扫描来的字符,然后使用 OCR 软件进行识别的,而 OCR 的识别能力有限,需要人力来一一校对,而且还不能保证完全正确,因此,你每一次的reCAPTCHA验证实际上是在帮助这些书籍的数据化。在此,你可能会问它是如何实现防垃圾评论的呢?答案很简答,reCAPTCHA 验证码中有2个单词,一个是已经正确识别出的,而另一个是未确定需要校对帮助其数据化的单词。图示:

www.2hand.cn

该插件有2.7+版本可安装,搜索下WP-reCAPTCHA下载之后一键点击安装。不过,你需要一个key才可以使用,你可以从这里获得key。弄好之后,在你的评论页面就会显示reCAPTCHA验证。

3. 邀请读者回答简单的算术问题

要介绍的第二款从源头上防止垃圾评论的插件是Math Comment Spam Protection 插件。使用它之后,你的博客评论区会有一个简单的数学问题需要回答,用户才能发表评论。

www.2hand.cn

这里就不讲述如何安装它,在这个插件的官方网站上有一个全面的安装指南。你可以看上面的效果图。

4. 阻止垃圾trackbacks

要介绍的最后一款插件的制作者跟上一款是同一人,叫做 “Simple Trackback Validation ”。它通过检验trackback的发送者的IP地址是否与该trackback URL IP 地址相同来阻止垃圾trackback。在插件的主页面上是 这样说的:“检索trackback 中的URL所指向的页面,如果这个页面没有包含一个到你博客的链接,则视为垃圾Trackbacks。由于大多数的垃圾trackback发送者不会专门 建立一个页面来链接他们要攻击的博客,这样一个简单的检查就可以很快揭露非法trackbacks。”

与上一款插件一样,在插件的主页面也有安装指南。

5. 用户登录后评论

可能大多数blogger们不是很喜欢这种方法,不过却是阻止垃圾评论的一个非常有效的方法。选上“Users must be registeredlogged in to comment.”

www.2hand.cn

在后台的“设置”,点击“讨论”勾上“用户必须注册登录后才能发表评论”,并保存你的更改。

6. 通过IP地址阻止垃圾评论

这里就需要用到 .htaccess文件。你先阅读这里了解下基本介绍。并牢记一条定律,始终都要对.htaccess备份。更多关于.htaccess的知识可以阅读CatsWhoCodeWPShout

大多数情况下垃圾评论的发送者会制造假IP,此方法不是特别好使,不过,要是有个IP经常骚扰到你,你可以通过下面的代码阻止他们访问你的网站,只要在你的博客根目录下的.htaccess文件插入下面的代码就可以,把第二行的IP地址改成你想要阻止的IP地址。

Order allow,deny
Deny from 100.100.100.
Allow from all

7. 通过禁止黑名单列表IP访问来阻止垃圾评论

使用上面的方法,你仅仅阻止了一个垃圾评论发送的IP。现在有了Perishable Press,你想阻止多少垃圾评论的IP地址都可以,Jeff收集了大量的黑名单列表,你可以从中挑选你需要阻止的地址,在.htaccess文件上实施。你可以通过下面的地址获得最新的黑名单列表:

8. 拒绝不相关的评论请求

另外一个利用 .htaccess来阻止垃圾评论的技巧是拒绝不相关的评论请求,也就是说,如果评论不是来自你的网站的话,就阻止它。把第四行的URL地址改为你的博客地址即可。

RewriteEngine On
RewriteCond %{REQUEST_METHOD} POST
RewriteCond %{REQUEST_URI} .wp-comments-post.php*
RewriteCond %{HTTP_REFERER} !.*yourblog.com.* [OR]
RewriteCond %{HTTP_USER_AGENT} ^$
RewriteRule (.*) ^http://%{REMOTE_ADDR}/$ [R=301,L]

9. 阻止内容盗用

垃圾评论发送者还不仅限于给你滥发评论,他们通常还会窃走你的内容。这里就介绍下如何防止他们通过RSS盗用你的内容。一旦你发现了哪一个网站偷窃 你的内容,首先记住网站的IP地址。Ping下结果’ping [站定名称,如:catswhocode.com]‘。然后找到他们的RSS feed,在你的 .htaccess 文件里添加下列代码:

RewriteEngine on
RewriteCond %{REMOTE_ADDR} ^69.16.226.12
RewriteRule ^(.*)$ http://newfeedurl.com/feed

把第二行的IP地址改为偷窃站点的IP,第三行的URL改为该站点的feed地址。

10. 阻止图像盗用

上面,我们阻止了别人从RSS盗用你的内容,现在介绍下如何对付那些复制你并粘贴你的内容到他们网站的窃贼。虽然,从技术上来讲这并不是阻止垃圾评论,不过却对打击垃圾评论发送者有很大作用。

如果你的图像被盗链,你有两个选择:给你的图像印水印或者使用.htaccess。两个我都介绍下,你自己决定使用哪一个。第一种水印,也是万无一失的就是你在上传图像之前就打上水印,可以通过一些简单的软件来实现,这里我推荐完全免费的工具 FastStone Photo Resizer。第二种水印,安装phpThumb并创建一个调整图像大小和水印的简易代码。在functions.php文件里添加下面的代码,把phpThumb上传到你的主题文件夹,上传水印并修改URL地址。你也可以修改下图片的宽度(当前为590)。

<?php function imageresizer( $atts, $content = null ) {
return ‘<img src=”/THEMEURL/phpthumb/phpThumb.php?src=’ . $content . ‘&w=590&amp;fltr[]=wmi|/images/watermark.gif|BR” alt=”">’;
}
add_shortcode(‘img’, ‘imageresizer’); ?>

有了这些代码之后,你按正常的方法上传一张图片后,转为HTML模式并复制图像的url,接着删除该图片在 wbc.bkkss.com 中间插入图像的URL地址。
当然,你也可以通过在.htaccess 添加如下代码防止盗链(把第三行和第五行的地址做下改动 – 第五行将要显示的图片- 将它转向到空白地址或你站点的广告):

RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www.)?yourdomain.com/.*$ [NC]
#RewriteRule .(gif|jpg)$ – [F]
RewriteRule .(gif|jpg)$ http://www.yourdomain.com/advert.jpg [R,L]

附原文:

Top 10 ways to stop spam in WordPress

Posted by Alex Denning on Aug 31, 2009 | 17 comments

Spam is a nuisance,as bloggers, we have all experienced a flood of spam every nowthen. Not only is it a pain, but it can slow down your bloguse up your resources. In this post we’ll look at ten ways to combat spam.

Guest post by Alex Denning, a Twitter fan who runs WPShout.com, where he blogs about WordPress tips, trickshacks.

1. Install Akismet

This is the simple one that everyone does. Akismet comes bundled with WordPress by defaultdoes a good job of picking up spam – for the average blogger, install Akismetyour spam problems will be sorted. The trouble is though, it just stops spam getting displayed, it doesn’t get to the root of the problem. That’s where this post comes in. We’ll start with some simple methods of stopping spam being displayedthen we’ll move onto stopping the spammers getting on your site in the first place.

2. reCAPTCHA

The reCAPTCHA plugin is one you’ve probably seen around on sites such as Facebook, Twitter and StumbleUpon. It isn’t just your average CAPTCHA (an image containing some letters that are designed so only humans can read them), it uses words from old books, so every time you enter a reCAPTCHA, you’re helping digitise books. At this point, you’re probably thinking but if I’m telling it what the words mean, does that mean I can enter anything? How does that stop spammers? The answer is simple – there are two words, one of which the CAPTCHA knows. The second, it doesn’tyou’re helping digitise it.

The plugin is simple to install, in 2.7+, just do a search for WP-reCAPTCHAclick install. You’ll need a key for the plugin to work, which you can get here. After you’ve done that, reCAPTCHA should appear on your comments’ page.

3. Ask your readers to do 1+1

The second plugin that we’re going to look at as a way of stopping spam being displaued is the ‘Math Comment Spam Protection‘ plugin. Using it, you can add a field to your blog’s comment box with a simple maths (or ‘math’ as they say in the States) question.
www.2hand.cn
I’m not going to go into installing it here as there’s a comprehensive installation guide on the plugin’s website. You can see it in action on WordPress Hacks (image above).

4. Stop spam trackbacks

The final plugin that we’re going to look at is one by the same author who made the plugin above. The ‘Simple Trackback Validation‘ plugin checks if the IP address of the sender of the trackback is the same as the IP address that the trackback URL refers to, thus eliminating [lots]% of trackback spam as spammers won’t use bots running on infected machines. As the plugin’s page says, the plugin also “retrieves the web page located at the URL included in the trackback. If the page doesn’t a link to your blog, the trackback is considered to be spam. Since most trackback spammers do not set up custom web pages linking to the blogs they attack, this simple test will quickly reveal illegitimate trackbacks. Also, bloggers can be stopped abusing trackback by sending trackbacks with their blog software or webservices without having a link to the post.”

Like the ‘Math Comment Spam Protection’ plugin, there’s an installation guide on the plugin’s homepage.

5. Make users login to comment

This is something that probably won’t be a good idea for the majority of bloggers, but it will stop spam – make users login to be able to leave a commentspammers will be stopped from commenting, but so will one time visitors. Just keep that in mind.
www.2hand.cn

Under ‘Settings’. click ‘Discussion’then tick the box ‘Users must be registeredlogged in to comment’. Then save changesyou’re done.

6. Ban spammers by IP

Now that we’ve stopped spam being displayed with the tips above, we’re going to move on to blocking spammers getting on your site in the first place. Something we’re going to be using extensively is the .htaccess file. A basic introduction that you should read first is here,remember the golden rule of .htaccess – always have a backup. Further .htaccess reading is available here on CatsWhoCodemy own blog, WPShout.

In most situations, this tip wouldn’t be too much of a good idea; spammers will fake often their IP, but if there is one IP that is particularly bugging you, then the code below will block them from visiting your site – instert it into your .htaccess file in your blog’s root, changing the second line to include the IP that you wish to ban.

Order allow,deny
Deny from 100.100.100.
Allow from all

7. Ban spammers by IP, on a massive scale

You’ve blocked a single spammer. Well done. Now, with help from Perishable Press, you can block thousands of spammers – Jeff from Perishable has compiled a number of blacklists, from which you can pickchoose which you want to implement into your .htaccess file. The latest blacklists, the ‘fourth generation’ can be accessed below:

8. Deny comment posting to no referrer requests

Another .htaccess trickthe final comment spam stopping technique we’re going to look at is denying comment posting to no referrer requests – in other words, if the comment isn’t actually coming from your site, then it gets blocked. Make sure you change the url in line four to your blog.

RewriteEngine On
RewriteCond %{REQUEST_METHOD} POST
RewriteCond %{REQUEST_URI} .wp-comments-post.php*
RewriteCond %{HTTP_REFERER} !.*yourblog.com.* [OR]
RewriteCond %{HTTP_USER_AGENT} ^$
RewriteRule (.*) ^http://%{REMOTE_ADDR}/$ [R=301,L]

Source – WordPress Recipes.

9. Stop content theives

Spammers don’t just limit themselves to spamming your comments – often they’ll steal your content too. This next trick will stop spammers who steal your content via RSS. Once you’ve found a site stealing your content, first thing to do is find out the site’s IP address. A search for ‘ping [site name, ie catswhocode.com]‘ should give you a result. Once you’ve got that, head over to the offending sitefind their RSS feed. Then, open up your .htaccess fileadd the following lines:

RewriteEngine on
RewriteCond %{REMOTE_ADDR} ^69.16.226.12
RewriteRule ^(.*)$ http://newfeedurl.com/feed

Change the IP in line two with the IP of the offending sitethe url in line three with the offending site’s feed.

Source - WPShout/ SEO Black Hat

10. Stop spammers stealing your images

Now that we’ve stopped spammers from stealing your content via RSS, now it is time to combat those who just copypaste your articles onto their site. Yes, this isn’t technically stopping spam, but it is helping combat the spammers.

You’ve got two options if people are hotlinking your images – watermark or .htaccess. We’ll look at both,I’ll leave you to decide which is better. First up, watermarking. The foolproof method is to watermark your images before you upload them, which you can do with some simple software – FastStone Photo Resizer is a great tool that I’d thoroughly recommend. What’s more, it’s free! The second option is to install phpThumbcreate a shortcode that resizeswatermarks your image. Copypaste the following code into your functions.php file, having uploaded phpThumb to your theme’s folder, uploaded a watermarkchanged the URLs. You can also change the width that images will be resized to (it’s currently 590).

<?php function imageresizer( $atts, $content = null ) {
return '<img src="/THEMEURL/phpthumb/phpThumb.php?src=' . $content . '&w=590&amp;fltr[]=wmi|/images/watermark.gif|BR"  alt="">';
}
add_shortcode('img', 'imageresizer'); ?>

With the code integrated, now when uploading a picture, upload it in the normal way, then go into HTML modecopy the image url, then delete the imagethen paste the image URL between wbc.bkkss.com .

Of course, you can also easily disable hotlinking by going into your .htaccess filepasting the following (changing lines threefive – five will displayalternate image – send it to something blank, or perhaps an ad for your site?):

RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www.)?yourdomain.com/.*$ [NC]
#RewriteRule .(gif|jpg)$ - [F]
RewriteRule .(gif|jpg)$ http://www.yourdomain.com/advert.jpg [R,L]

声明: 本文由( wukong )原创编译,转载请保留链接: 十招阻止WordPress中的垃圾评论

十招阻止WordPress中的垃圾评论:目前有2 条留言

发表评论

您必须 [ 登录 ] 才能发表留言!

------====== 本站公告 ======------
大家有任何疑问和建议,请到这里留言:点击留言板

读者排行