https://www.webmaster-forums.net/crss/node/1060199 en https://www.webmaster-forums.net/webmasters-corner/which-plugins-you-use-prevent-spammers-spamming-your-wordpress-sites#comment-1288948 <p>I always used Akismet on Wordpress, and it worked well for me as long as it was kept up to date. More recently I started moderating all comments on certain poasts (and had a plugin for that but I can't remember what it was called ... my site never got put back after we moved servers a year ago). A lot of comments are complete garbage anyway, so moderating them keeps the quality up.</p> <p>On Drupal I don't think I work on anything that has open comments... here on the forums we use <a href="http://drupal.org/spambot">Spambot</a> module, which runs new registrations through <a href="http://stopforumspam.com">Stop Forum Spam</a>.</p> Wed, 24 Sep 2014 12:56:15 +0000 Megan comment 1288948 at https://www.webmaster-forums.net https://www.webmaster-forums.net/webmasters-corner/which-plugins-you-use-prevent-spammers-spamming-your-wordpress-sites#comment-1288946 <p>I don't do Wordpress for blogging, so i never have to worry about comments, so my answer is for just things like contact form and other forms specific for a page....</p> <p>I don't use any plugin for them. Since I'm a programmer and my clients don't need to (or want to) edit the forms, I just hand code them all from a template I use. It is actually part of my custom caching system I put in place for wordpress, after the page renders, it looks for [[FORM:form_name]] and replaces it with the form code or results from processing it. Some of the things implemented:</p> <p>Honeypot (a field labeled URL that is indented off the screen that needs to be left blank, but bots see)</p> <p>Time Checking: Forms as set to only accept a submit within a certain period of time from when it was rendered, usually an hour. Started that when I had to clean up a site where a bot had learned the form and just started directly submitting spam over and over to it.</p> <p>For sites hosted on my server, it gets passed to an API I wrote that will do a few checks for on the submission, such as geolocation, keyword triggering and IP use threshold per hour. If it it trips anything, it will store the submission into a database, and require the submitter to click on a link in an email to release it.</p> <p>With just those in place it has cut down on the junk e-mail my clients received to almost nothing. After a couple of months, the keyword tracking was added to and tweaked nicely.</p> <p>-Greg</p> Tue, 23 Sep 2014 21:36:27 +0000 Greg K comment 1288946 at https://www.webmaster-forums.net