Comments on: Yawasp Ultimate Anti-Spam Solution http://avi.alkalay.net/2008/12/yawasp-blog-anti-spam-solution.html Digital Awareness and Flying Spirit Fri, 05 Feb 2010 10:57:17 +0000 http://wordpress.org/?v=2.9.1 hourly 1 By: John Biddle http://avi.alkalay.net/2008/12/yawasp-blog-anti-spam-solution.html/comment-page-1#comment-136832 John Biddle Fri, 06 Feb 2009 06:41:52 +0000 http://avi.alkalay.net/?p=977#comment-136832 I recommend WP-Spamfree, a WordPress plugin to eliminate comment spam. You install it like all other plugins and it just works. No fuss, no muss. It's been great for me. I use your mapping plugin. I'm looking to extend it to include a connection to a database. Do you have anything like that planned for its future? john I recommend WP-Spamfree, a WordPress plugin to eliminate comment spam. You install it like all other plugins and it just works. No fuss, no muss. It’s been great for me.

I use your mapping plugin. I’m looking to extend it to include a connection to a database. Do you have anything like that planned for its future?

john

]]> By: Avi http://avi.alkalay.net/2008/12/yawasp-blog-anti-spam-solution.html/comment-page-1#comment-134130 Avi Wed, 03 Dec 2008 16:24:06 +0000 http://avi.alkalay.net/?p=977#comment-134130 Victor, yes. One step at a time. When spammers will get smarter so we'll do. For now, I can say Yawasp eliminated 100% of everyday spam I was getting. Victor, yes.

One step at a time. When spammers will get smarter so we’ll do.

For now, I can say Yawasp eliminated 100% of everyday spam I was getting.

]]> By: Victor Bogado http://avi.alkalay.net/2008/12/yawasp-blog-anti-spam-solution.html/comment-page-1#comment-134121 Victor Bogado Wed, 03 Dec 2008 14:18:05 +0000 http://avi.alkalay.net/?p=977#comment-134121 I liked the idea, but I see a few shorcommings * The problem, at least with this "theme", is that even though the name field is randomized so must be the id. The spammer can know what to fill by the id or even the label (label for='....'). * The hidden field is easy to discover by a css analisys. This explains why only 32 spambots got in that trap. * Even if a harder CSS analisys were required (by hidding the field with a harder rules or instead of using display: none using a positioning scheme. The spammer could still send n attempts leaving each time a different field blank. Maybe using more then one "must be blank" fields could fix this, but it would increase the page weight. still it's good that this method is still effective. :-) I liked the idea, but I see a few shorcommings

* The problem, at least with this “theme”, is that even though the name field is randomized so must be the id. The spammer can know what to fill by the id or even the label (label for=’….’).

* The hidden field is easy to discover by a css analisys. This explains why only 32 spambots got in that trap.

* Even if a harder CSS analisys were required (by hidding the field with a harder rules or instead of using display: none using a positioning scheme. The spammer could still send n attempts leaving each time a different field blank. Maybe using more then one “must be blank” fields could fix this, but it would increase the page weight.

still it’s good that this method is still effective. :-)

]]>