WordPress MU

It won't stop them, but it will strip the links out, as well as anything else.

Any spammer that's happy to manually enter answers will always get past it - as they will with the captcha.

And Bike, there is an Admin option to set new questions... it's in Site Admin :)

a next step would be to make it international, so we don't have to edit the code to change some english text.

It's easier with non-English installations, spammers only knows english ;)

Yeah, they can't register at my Mongolian wpmu hosting:) I used phpSecurePages.

Does anyone know if the security question compatible with the captcha ?

Guys,
All this is great, but has moved around a bit... but as a frustrated MU user, I'm really hoping that we recognize the need for two programming solutions:

1) Dissallow any creation of a blog title with HTML code in it or with any keywords like viagra etc ... at any juncture, either at signup or creation of a new blog once already signed up.

2) The option to have an approval process for new users and blogs.

The other problem I'm having is that this forum sometimes is hard to follow... especially for a jr programmer. If you could tell us EXACTLY where we should be slipping these code snippets (including approximate line number) that would be good.

I'll let you know what I have done...
- Captcha at signup and log in
- Secret question (changed regularly)
- Strip code to rid titles of links (still long linkless titles appear)

I still get 2 to 4 title spam posts a day! There are no links in them, but they take up entire screen.

I don't want to take of most recent posts stuff, cause it's nice to have and shows activity... so, is there a way to approve the posts to the main screen before they get there?

1) the absolute latest version in treaxc is supposed ot strip out any code in blog titles.

2) I'm working on a write-up for the hack I use.

Unfortunately, while the problem is simple, the solution isn't.

Can someone tell me exactly what code and where to put it to shorten the title length allowed? There was code shown in this thread, but not where it should go. Thanks in advance!

I'm contemplating screening the latest posts on a hidden page, then manually placing them on the main screen... but again, that takes away from the 'social' fluidity of the MU approach...

Thanks for all your thoughts on this... I am not much of a programmer, but know full well how frustrating this type thing is... keep up this great exchange work! Just wanted to say it's appreciated.

James.

Look in the html portion of the signup form, and set a max length on the text field as required.

Thanks for the tip. I just limited max characters to 50 in the signup and also in the blog options in case they decide to change it later.

I have one of my PHP guys looking at a keyword scan as well as new blogger notification for quick response to manual spammers...just a watchdog feature using email. Stay tuned.

This is super low tech but I think it's working for me. Just implemented it....

<!-- RONI ADDED onsubmit to stop a hrefs!!!-->
<script language="javascript">
function stopAhref(theForm) {
//alert(theForm.blog_title.value.indexOf("<a href="));
if (theForm.blog_title.value.indexOf("<a href") != -1) {
alert("NO LINKS ALLOWED JERK!");
return false;
}
}
</script>

add that to wp-signup.php and add

onsubmit="return stopAhref(this)"

to the form tag on line 328 like this...

<form name="setupform" id="setupform" method="post" action="wp-signup.php" onsubmit="return stopAhref(this)">

This will just stop the form from processesing if an "a href" is found in the title.

Like I said, low tech but works for manual enter-ers.

-Roni

Um, that was fixed a few revisions back. Not to mention if javascript is turned off, it has no effect.

lunabyte,

ummmm I didn't see it in this thread and I thought it would help some folks.

It's not any better the stripping out the tags considering the spam still clutters the page. The JavaScript solution paired with yours earlier in this post is not a bad solution.

No need to get snippy to those just trying to help. I'm sorry I replied.