03/06/2010

Conditional Captcha for WordPress

Since I recently upgraded a bunch of WordPress blogs, the little SimpleCAPTCHA plugin stopped working. Oh, it displayed alright, but no matter what characters were typed into the captcha box, the comment would go through. And so, the comment spam increased and, even though we have comment moderation turned on, it was annoying to see piles of nonsense in my spam queue.

Earlier on, I'd been using various techniques to block comment spam, but they were a hassle and needed to be updated fairly often. Then I installed a captcha. I'd of course heard that spammers can get around captchas, and maybe they can, but my experience since first installing captchas has been that it pretty much stops the spam cold. Whereas I'd get dozens of spam blog comments a day (remember, I've worked to block them), after installing the captchas, I got one or two a month.

Now, I know that Akismet works great and I use it, but I don't like to see spam in my WP spam queue at all.

So I tried a bunch of "new" captchas, but each had its own problems. The main problem seemed to be due to the fact that I'd password-protected the wp-admin folder. For example, one captcha plugin was great (and the characters were easier to read, and it even had a audio function that would read the characters to you), but if you typed the wrong characters into the box, suddenly you got a window requesting that you log in; yep, to the admin area. While this isn't the worst thing in the world, I imagine that it would be pretty confusing, if not threatening, to most users.

So, after I upgraded our server to PHP5, I tried Conditional CAPTCHA. According to the plugin writer, Conditional CAPTCHA does not present a captcha in the comment section for every would-be commenter to fill in. Instead, there's no captcha — but when the comment is submitted, Conditional CAPTCHA checks it against Akismet's database and, if that commenter's information is in the Akismet database, only then does it present a captcha. This is pretty ingenious.

I did a little testing and found that (a) typing the wrong information into the Conditional CAPTCHA box blocks the comment from being accepted, (b) as does typing no information (leaving it blank). And no untoward requests to log in!

Lastly, you can do a bit of configuring of Conditional CAPTCHA in the WP admin area — for example, you can set it to send identified spam comments to the Trash, or to delete them cold.

So far, so good. Yes, I know Akismet occasionally gives false positives. But, so far, it's working. And I far prefer not to penalize innocent commenters with the task of trying to read captchas, and only testing those that fall into the Akismet database.

Not perfect. And I guess I'll see if I get a bunch of hate email from legitimate commenters. :)

7 Comments to "Conditional Captcha for WordPress"

  1. Brad says:

    Diane, this was a very timely tip for me. I'm just setting up a WP blog, and forgot all about locking down my comments.

    So many plugins, so little time. :-)

    Anyway this one sounds good so I've installed it and many thanks for the tip.

  2. Diane Vigil says:

    Ah, you're very welcome, Brad.

    I'm watching how it scores comment spam, and then I think I'll turn on the auto-delete. I figure that if the commenter is in the Akismet database, that's one strike against. If he/she can't type the captcha correctly, then that's two strikes … which would make me wonder why I'm waiting for a third strike. :)

  3. Plugin Recommendations for Wordpress says:

    […] had this post for a new captcha plugin which I […]

  4. WordPress Spam Blocker says:

    […] method for years. However, when we moved (yes, we're now a Charlotte web design company), I found Conditional Captcha … which is about as pretty a thing as I've seen in a long time. Do give it a spin, as it only […]

  5. Tyron says:

    I Installed this plugin on my blog and it's working like a charm. Good thing is now I don't hve to check my spam comments for real comments and number of spam in my spam queue is less by 95%.
    Must have plugin wiith Akismet to fight spam.

  6. Diane Vigil says:

    I agree, Tyron. It — in combination with Akismet — pretty much just takes care of everything. No more problem. :)

  7. bluebrain says:

    The news is great. I have used it in combination with typepad though. Right now i cant comment much on its performence, since I have just installed it and yet to be seen if it works right or not. Yet to be seen if my comments will be filtered free of spam or not .. right now my comment box are filled with spam like a hell ….

Have your say ...

First-time comments will be held for moderation (but comments are appreciated). Otherwise, just be courteous. If your name is a bunch of keywords, your comment will be deleted. Don't post links unless highly pertinent. Posters must be 16 or older.

Manage your subscriptions

Archives
© 2004-2017 DianeV Web Design Studio. All Rights Reserved.
34 queries. 0.237 seconds.