The MU forums have moved to WordPress.org

aksimet wp plugin 2.0 with wpmu support available (26 posts)

  1. Ovidiu
    Member
    Posted 17 years ago #

    hi there,

    I don't know if anyone noticed this, so here is a link to the article: http://blog.akismet.com/2007/01/22/akismet-wordpress-plugin-20/

    The basicly surprising news: You can hardcode your API key in the plugin file to hide the configuration page and enable Akismet as a mu-plugin for WordPress MU.

    And now my question: I do qualify for a free key (also that might change in the future) so what should I do: hardcode my free key and activate it as a mu-plugin, or stay with my current solution: use sk2 with the akismet plugin for sk2 thus enabling me to only activate the akismet key for my own blogs, but offering for users blogs, to enter their own key into the sk2 akismet plugin...

    what do you think about having 2 spam protectors around? do you think they would interfere with each other? would this not be too confusing to endusers?

  2. lunabyte
    Member
    Posted 17 years ago #

    I dunno. Akismet is always a touchy subject. I'd definitely double check with them first, just to be safe and so they know you're playing within the "rules".

    Also, for me, I run 3 levels of protection. Although I've been called "nuts" for that much.

    First Level: Bad Behavior

    Second Level: SK2

    Third Level: Custom Captcha

    The only thing that gets by it is when a jackass, as I lovingly refer to them (sense the sarcasm?), decides to sit there and type it in manually, and it gets through SK2.

    Although that's only happened 5 or 6 times in the past year though. Maybe 7 at most.

  3. suleiman
    Member
    Posted 17 years ago #

    and then it gets deleted. What do these jokers think they are doing?

  4. Ovidiu
    Member
    Posted 17 years ago #

    @lunabyte

    I was using bad behaviour too, parallel to sk2 but had to disable it because with my wpm I want to target the romanian blogging niche but due to the fact that "most" (I am not exagerating, believe me) romanian ISPs IPs are blacklisted I had to give up on this plugin.
    thats why I was interested in akismet at all.

  5. Ovidiu
    Member
    Posted 17 years ago #

    I just had another idea:

    what plugin is checking first, akismet or sk2? and what happens after one of them flags a comment?

    If they were checking sequentially it would be cool to activate both, as sk2 gives no backend to the user, while akismet gives one so basically after being scanned by both systems users could browser through and recover if needed - right? - possible?

  6. quenting
    Member
    Posted 17 years ago #

    SK2's doing the job for me, never really needed anything else. I don't understand the need for a custom captcha ? Doesn't SK2 already have a captcha "subplugin" embedded ?

  7. lunabyte
    Member
    Posted 17 years ago #

    Yes it does, if it feels it needs to call it.

    The reason I use it, as we've discussed several times, is simply that additional layer of protection. Granted it might only be a 5% gain, but to me that makes it worth it.

  8. drmike
    Member
    Posted 17 years ago #

    I gotta admit that I only use Akismet. I thought about using a second but I just think that's overkill.

  9. skcsknathan001
    Member
    Posted 17 years ago #

    Lunabyte,

    I just started to use Bad Behavior, but I'm wondering does it actually blocks spams at the very beginning. I mean should I need to manually add some domains in the .htaccess even after running Bad Behavior?

    If I add the following, would it be I'm doing duplicate work?


    SetEnvIfNoCase Referer dating.blogs.com spammer=yes
    SetEnvIfNoCase Referer online-casino-pops spammer=yes
    SetEnvIfNoCase Referer 8thstreetlatinas spammer=yes
    SetEnvIfNoCase Referer boysfirsttime spammer=yes
    SetEnvIfNoCase Referer gofordgo spammer=yes
    SetEnvIfNoCase Referer buy-hgh-human-growth-hormone spammer=yes

    Order allow,deny
    allow from all
    deny from env=spammer

    # added to Deny Access to No Referrer Requests
    # http://codex.wordpress.org/Combating_Comment_Spam/Denying_Access
    RewriteCond %{REQUEST_METHOD} POST
    RewriteCond %{REQUEST_URI} .wp-comments-post\.php*
    RewriteCond %{HTTP_REFERER} !.*adadaa.com.* [OR]
    RewriteCond %{HTTP_USER_AGENT} ^$
    RewriteRule (.*) ^http://%{REMOTE_ADDR}/$ [R=301,L]

  10. lunabyte
    Member
    Posted 17 years ago #

    Pretty much.

    Bad Behavior doesn't exactly block spam, it essentially is doing what you're doing in htaccess and just denying the location the request is coming from if it meets certain criteria.

    Since it doesn't "exactly" stop a spam comment, that's why I use SK2 as a backup to it. BB, as I mentioned, is stopping it at the source and looking at the referrer and shutting down the request before it can get anywhere.

    Although I'll admit that, very, very few comments make it into SK2's spam harvest, while Bad behavior blocks on average a couple thousand attempts a week. This number is sometimes higher, or lower as well, as we all know that spam goes in cycles. Sometimes it's heavier than others on a given site.

  11. skcsknathan001
    Member
    Posted 17 years ago #

    So I don't need to manually block sites at the .htaccess and no need to block "No Referrer Requests", since Bad Behaviour already doing it?

    Sorry, I'm just thinking why do double work and slow down the access.

  12. lunabyte
    Member
    Posted 17 years ago #

    Yep. That's what BB is already doing. That and blocking ip's against RBL, etc.

  13. skcsknathan001
    Member
    Posted 17 years ago #

    Thanks lunabyte for clearing that up.

    BTW, you mentioned blocking ip's against RBL. But there is no RBL server addresses in the BB tables in the DB. The servers are hardcoded?

  14. lunabyte
    Member
    Posted 17 years ago #

    I 'think' that the servers to check against are in the plugin somewhere.

    You'd have to read up on the plugin's website page for more info. The plugin works, so I really haven't had to go digging through the code for it.

  15. drmike
    Member
    Posted 17 years ago #

    You don't mess with stuff that works. :)

  16. lunabyte
    Member
    Posted 17 years ago #

    Nope, I sure don't. :D

  17. enseignement
    Member
    Posted 17 years ago #

    Has anyone got an answer from akismet about the mu-free feature ???

  18. lunabyte
    Member
    Posted 17 years ago #

    If an individual user has their own key, then they can use it AFAIK.

    You just can't drop "your" key in there, and then set it as an mu-plugin and let every user use it through your key.

  19. drmike
    Member
    Posted 17 years ago #

    Actually you can but Matt has stated that it will be flagged and turned off once they see it.

  20. enseignement
    Member
    Posted 17 years ago #

    But what about this then ?
    You can hardcode your API key in the plugin file to hide the configuration page and enable Akismet as a mu-plugin for WordPress MU.

  21. KKWangen
    Member
    Posted 17 years ago #

    It's probably an option they've created to make it easier for anyone who get the business blog option.

  22. selad
    Member
    Posted 17 years ago #

    Is anyone using Aksimet with a single API key? Does it work?

  23. enseignement
    Member
    Posted 17 years ago #

    I've asked them today if I could do that.

  24. Ovidiu
    Member
    Posted 17 years ago #

    I am curious - please inform us too about the answer. What user number did you give them when you asked? I mean this is all about size, they certainly wouldn't mind if you had 10 blogs, but 10000 is a comletely different thing...

  25. lunabyte
    Member
    Posted 17 years ago #

    Technically, YES you can do it. And I mean literally, not "legitimately" or "legally". Once the Akismet folks find out, they'll deactivate your key, as the good Doc already mentioned.

    If you want to use your key across your MU network, and you're not a certified non-profit, it seems you'll have to get hooked up with one of their enterprise plans.

  26. drmike
    Member
    Posted 17 years ago #

    Heck, why don't you explain to them what you are doing and ask them if they would be willing to mark your key as a multi blog install? They might say yes. :)

About this Topic