admin-plugins author calendar category facebook post rss search twitter

TIDY REPO

The best and most reliable WordPress plugins

Cookies for Comments

Plugin Author: Donncha O Caoimh

August 4, 2014

Comments, Security


Warning: Illegal string offset 'file' in /home/content/p3nexnas05_data02/35/2097635/html/wp-content/plugins/picturefill.js.wp-master/inc/class-model-image-picturefill-wp.php on line 121

Warning: Illegal string offset 'sizes' in /home/content/p3nexnas05_data02/35/2097635/html/wp-content/plugins/picturefill.js.wp-master/inc/class-model-image-picturefill-wp.php on line 125

Warning: Illegal string offset 'file' in /home/content/p3nexnas05_data02/35/2097635/html/wp-content/plugins/picturefill.js.wp-master/inc/class-model-image-picturefill-wp.php on line 127

Warning: Illegal string offset 'width' in /home/content/p3nexnas05_data02/35/2097635/html/wp-content/plugins/picturefill.js.wp-master/inc/class-model-image-picturefill-wp.php on line 128

Warning: Illegal string offset 'height' in /home/content/p3nexnas05_data02/35/2097635/html/wp-content/plugins/picturefill.js.wp-master/inc/class-model-image-picturefill-wp.php on line 129

Warning: getimagesize(): Filename cannot be empty in /home/content/p3nexnas05_data02/35/2097635/html/wp-content/plugins/picturefill.js.wp-master/inc/class-model-image-picturefill-wp.php on line 167

Warning: getimagesize(http://tidyrepo.com/wp-content/uploads/): failed to open stream: HTTP request failed! HTTP/1.1 404 Not Found in /home/content/p3nexnas05_data02/35/2097635/html/wp-content/plugins/picturefill.js.wp-master/inc/class-model-image-picturefill-wp.php on line 167

Catching all of the spam comments that hit your site can be a real chore. Personally, I turned to a third party service, Disqus, to help me out. But if you’d like to keep everything in-house, Cookies for Comments does a great job blocking out spam comments with a really simple solution.

What’s It Do?

Cookies for Comments works by inserting a small image, under 100 bytes, in to your site. This is then detected by the plugin and used to insert a cookie to confirm that users are actually using your site and is not a spammer. If the plugin detects a spam comment, then it automatically bounces the comment to spam or deletion, depending on which you prefer. This blocks the insertion of comments by spam-bots and other non-human visitors.

The plugin also gives you a few options to eliminate another kind of comment spam if you want, and allows you to customize the message shown to spammers when they are blocked. It works completely behind the scenes and very well.

How’s It Work?

When you install and activate the plugin, it will begin working immediately with default settings. However, you can go to Settings -> Cookies for Comments to customize it.

First, select from the drop-down menu whether or not you want spam comments to go to your spam folder, or go directly to trash with “Delete.” If you get enough spam, the latter might be the better option. Next, you can choose the “Payload Delivery Mechanism,” which is set to “Image” by default. You can also choose “CSS File,” but this has a (relatively small) performance impact. You should really only switch to this setting if you are finding that a lot of spam is somehow making it through.



Page Template Dashboard in action

The next option is the “Speed Spammers.” In the provided text box, you can enter in a certain number of seconds. This will make it so that if any comment is posted before that amount of time is reached, it will also be sent to spam. This is to prevent users who visit a page, then post using a bot or manually very quickly, without actually reading the post, then move on. The plugin recommends between 3 and 6 seconds. Again, enable this only if you think that it is an actual problem. Otherwise, leave it at 0 to keep it disabled.

The last option is “Rejection Message.” It is here that you can customize what message spammers will see when their comment is bounced. If you don’t put anything here, a default message will be displayed instead.

Cookies for Comments Rejection Message

Customize your rejection message.

If you are a developer, you may also want to add the following lines to your htaccess file. This will prevent comments from every being posted in the first place, instead of being bounced away. But only use this if you have a good understanding of FTP and htaccess.

RewriteCond %{HTTP_COOKIE} !^.*34952f8c72989b842de2db6cd8f3c989.*$
RewriteRule ^wp-comments-post.php - [F,L]

Or for Multisite

RewriteCond %{HTTP_COOKIE} !^.*XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX.*$`
RewriteRule ^wp-signup.php - [F,L]

The plugin works behind the scenes, so you won’t even notice that it’s there until spam comments start being blocked.

Costs, Caveats, Etc.

Cookies for Comments is free, updated often, and quite effective. If you’re having a problem with it, first check to make sure that your cache is cleared, then head over to the support forums to ask for help from the plugin developer.

Resources

Did you like this post?

  • Rick G

    This plugin hasn’t been updated in two years… Are there newer methods of implementing this functionality?

About this Plugin
Get the latest

Signup for our newsletter to get plugin tips, and see what's coming down the pipe.

Plugin Categories