How to avoid spammer comment on your WordPress Blog – 如何在你的WordPress部落格提防垃圾留言
Some WordPress end-user kept receiving spam comments from their WordPress blog, it is because of the “spammer bot” (a web script program) keep attacking their wordpress core file “wp-comments-post.php” and posting some stupid comment to gain traffic from their website when their reader or visitors clicked the spammer website link.
很多基本Wordpress用户一直从他们的部落格收到很多垃圾留言,这是因为“垃圾留言机器人”(其实是一个语法程式)一直攻击他们的Wordpress文件”wp-comments-post.php”,并且发布一些看似很蠢很无聊的留言,好让它们可以从你的部落格/网站拿到更多的浏览数据(当读者点击它们的连接后)
Example of stupid idiot spam comment:
无聊的垃圾留言的例子:
Author : Elizabeth
Email : elizabeth12345678@emailthatyouwontremember.com
Website : http://[something really stupid and hard to remember, usually is about drug or porn information]
Comment : Haha ^^ nice, is there a section to follow the RSS feed?
Solution
You can rename the core file to solve this but you will need to change some of the script, changing a core file script is not a smart way as it is difficult for you to upgrade the WP version in future. So i’m not going to teach you how to do this, will suggest you to install the anti-spammer plugin.
There are lots of “CAPTCHA” plugin available in WP Plugin directory, i find “Simple CAPTCHA” is the most simple plugin that work out from the box for end-user without have to put any PHP code into your theme file.
3 simple Installation steps
- Download “Simple CAPTCHA“, and unzip it, copy folder “simpleCAPTCHA” inside.
- Use any FTP or server file manager program upload “simpleCAPTCHA” to your “wp-content/plugins” directory.
- Goto your WordPress back-end, goto “Plugin”, activate the “Simple Captcha” plugin.
That’s it, your comment form come with “CAPTCHA” verification security code now, people have to enter the security code before submit their comment
解决方案
你可以把“wp-comments-post.php”重命名,但那不是一个很好的方法,毕竟更改源代码或系统文件会让你下次要升级WP版本时显得困难,所以我这里不会教你怎么改,会建议你下载并且安装反垃圾留言插件。
在WP Plugin 资料库那里很多CAPTCHA插件,其中一个我个人认为最简单并且给基本用户最容易使用的,是这个Simple CAPTCHA,一个不需要更改或加入任何PHP源代码而只需直接安装的插件。
三个简单安装步骤:
- 下载”Simple CAPTCHA“,解压后,拷贝里面的”simpleCAPTCHA“文件夹。
- 使用任何FTP程式或服务器的File Manager把”simpleCAPTCHA” 上载到 “wp-content/plugins” 文件夹
- 登入Wordpress后台,到“Plugin”,启动”Simple Captcha”插件。
就这么简单,现在你的留言表格会有”CATCHA”验证码输入了,任何人需要留言前一定要输入验证码,
if the comment is submitted by “spammer” bot, it will never success as the security code is required and “Spammer” bot can’t read security code stored inside the image file.
当“垃圾留言机器人”要攻击时,它会无法成功,因为机器人并不能解读在图档上的安全验证码。
Of course, if you are registered user or admin of that blog, it does not required to enter the captcha code for commenting.
当然,如果你是该部落格的注册用户,留言时你并不需要输入验证码,包括管理员。
Alternative
Ok, you might wondering why i didn’t put, because i find CAPTCHA is a bit annoying for people who just want to leave comment immedialy. So I’m using “Akismet” – Automattic Kismet (Akismet for short) is a collaborative effort to make comment and trackback spam a non-issue and restore innocence to blogging, so you never have to worry about spam again.
其它选择
好了,你也许会在想我为什么没安装这插件,那是因为我觉得CAPTCHA对一些想直接留言的人来说是烦人的。所以我使用”Akismet” – Automattic Kismet (Akismet for short) 一个会自行学习并且过滤垃圾留言的插件。
It simple caught all the spams intelligently from it’s spam filter database, but sometime some spammer may still by pass the checking. However, compare to the blog that did not installed “Akismet”, the result is much better.
- “Akismet” came with the official WordPress plugin folder, so you no need to install anything but may need to upgrade the plugin, just goto your Plugin section from back-end and activate it.
- You will need a API key to activate, simply login/signup from WordPress.com to get one and enter into your Akismet API field will do.
它还是会通知您该留言如果是垃圾留言,如果你把该留言设定为”垃圾留言“后,它就会更新它的资料库,下次有类似的留言就不再通知你了。但有时还是会有错过的时候,不过与没有安装Akismet的部落格来说,效果是好很多的。
- ”Akismet”是与Wordpress内建的插件,所以你不需要安装但有可能需要升级插件,只要到后台Plugin启动就可以了。
- 你需要API验证码启动,请到WordPress.com注册一个免费帐号并且索取你的Akistmet API验证码。
Get API key from WordPress.com if you don't have
