Form Spammer Trap for Comments

开发者	Rick Hellewell
更新时间	2022年3月3日 07:30
捐献地址:	去捐款
PHP版本:	7.4 及以上
WordPress版本:	5.9
版权:	GPLv2 or later
版权网址:	版权信息

下载

2.0 2.01 2.10 3.00 3.01 2.11 4.00

详情介绍:

FormSpammerTrap For Comments adds form spam bot blocking to your comment form, and the comment processing code. We catch comment spam before it gets to your database. It senses human interaction with the comment form. It does not require those irritating captchas, hidden fields, silly questions, CSS tricks, or other annoying things others use to try to (but fail to) block spam-bots. The FormSpammerTrap for Comments plugin provides several options to change the text of various parts of the comment form, such as the title of the comment form, the submit button, and more. You can also set the text used for the Reply link, and even include the name of the commenter in that Reply link. If a spam-bot tries to submit a comment, even when they bypass your comment form with non-browser tricks (think CURL), they will be sent to our FormSpammerTrap page, and you will not see the spam-bot comment on your system. (Although that makes it harder to know that FormSpammerTrap is working.) The plugin catches comment spam before it gets into your database, so other plugins (like Akismet) don't have to spend time checking each comment. And you don't have to keep on cleaning out spam comments from your database on the administrative Comment screen. You will find more information at our FormSpammerTrap web site. We also have solutions for WordPress contact forms and custom-built sites. You can contact us with any questions or issues on that site.

安装:

This section describes how to install the plugin and get it working.

Download the zip file, uncompress, then upload to /wp-content/plugins/ directory. Or download, then upload/install via the Add Plugin page.
通过 WordPress 的“插件”菜单以激活本插件。
Change settings in Settings, 'FormSpammerTrap for Comments Settings' to your requirements.
Note: do a "Save" on the FormSpammerTrap for Comments Settings page once after an upgrade to ensure all is well; your settings will be preserved.

屏幕截图:

升级注意事项:

3.01 (released 4 Mar 2020)

minor changes; correction to fix repository issues

3.00 (released 2 Mar 2020)

changes to how array elements are specified to prevent future errors, in preparation for additional features.

2.20 (released 6 July 2018)

added an optional reCaptcha box - the 'I am not a robot' box - that will display as needed. You will need your own reCaptcha key; the link is on the settings screen.
reformatted the Settings screen a bit; added a sidebar showing a list of our other plugins.
added CSS file for Settings page CSS.

2.11 (released 21 Feb 2017)

added an empty H2 tag above the Settings header for any WP messages
minor code efficiencies

2.10 (released 29 Dec 2016)

changed the text fields allowed length from 30 to 50 characters.
changed the header graphic/information.
updated the icons used on the WordPress plugin pages.
changes to text/info on the Settings screen.
added additional screenshots to show all of the current settings
tested with WP 4.7

2.00 / 2.01

released 25 Jan 2015
added these new customization text areas; see details about each item on the Settings screen ** text to display after the closing form tag ** text to display if comments are closed ** text just before the closing form tag (after the submit button) ** text above the entire comment form ** text just under the 'Leave a Reply' comment area heading ** text just after the 'must login in' text but above all the form fields ** text just above the comment message box only if you are logged in (does not display if not logged in)
code efficiencies to reduce number of calls to options database and others
minor style and text changes to Settings screen
Settings screen logo change
Tested with WP 4.4.1

1.08

released 25 Aug 2015
enhancement of the WP 'nonce' value to make it more effective, and compatible with other plugins
testing to ensure compability with WP version 4.3
minor changes to readme.txt file
better removal of the 'URL' field on comments

1.07

released 30 Jul 2015
testing to ensure compatability with WP version 4.2.3; should work just fine with 4.3

1.06

released 25 Jul 2015
Fixed typo in readme that showed the 1.05 version in the Upgrade Notice section as 1.06
Minor trapping enhancements
some more code efficiencies, although the code is heavily commented for 'plugin code lurkers'

1.05 Released 2 Mar 2015.

Fixed an obscure problem that caused improper redirecting on some versions of Internet Explorer.
More code efficiencies to allow pages to load faster, especially non-comment-enabled pages.
Further enhancement of the 'human sensor' to force non-humans (bots) to the www.FormSpammerTrap.com site.
Save settings once after installing upgrade.

1.04 Released 22 Feb 2015. Many new features and options, plus enhanced spambot catching, even those evil-doers that try to bypass the comment form (think "CURL"). Added a settings link on the All Plugins page. Added options to change the comment form text, reply links, and the text inside the submit button. Some minor code optimization. Check the Readme.txt for a full list of enhancements. Save the settings once after installing the upgrade. 1.03 Released 19 Feb 2015 - added option for changing the text inside the Submit button, plus other new features and code cleanup 1.02 Released 17 Feb 2015 - fixed a but that snuck in during some code optimization that may cause errors to display in the comment area. 1.01 Released 16 Feb 2015 - Fixed a display bug with threaded comments, added explanatory text on the settings page, added additional features. 1.0 Initial release (1 Feb 2015)

常见问题:

How do you block spam bots?

We use a technique that looks for human interaction with the comment form. The name, email, and comment text area plus other required fields are all checked for this human interaction.

What happens to a spam bot filling out the form, or submitting form data via an automated process?

The spam bot is redirected to our FormSpammerTrap page at www.FormSpammerTrap.com . The comment is essentially 'thrown away'; it isn't added to your posts' comment. Your site doesn't even see the submission, which might reduce the load on a busy site.

But can't I block comment spam with (take your pick: captchas, hidden fields, CSS tricks, silly questions, whatever)?

Those techniques just don't work with modern spam-bots. Captchas are easily bypassed. Hidden fields are not hidden to the smarter spam bots, neither are CSS tricks that hide a field from display. And silly questions are just irritating. Our technique requires a human to interact with the form. Form spamming bots can't provide that interaction. And without that human interaction, submitting the form sends the submitter to our FormSpammerTrap.com site. The comment is never saved. So you don't see the form spam.

Does the technique also work with Contact Us forms?

No, it is only for comments. But we have a free solution on our FormSpammerTrap.com web site that will apply the same techniques to Contact Us forms. It is easy to implement; it's just a template that should work with the theme you are using.

Are there things on my site that will not work with this plugin?

Perhaps. Any plugin that modifies the comment form might interfere with our technique. If you have problems, you can temporarily disable our plugin, or the other comment form plugin, and see if the problem re-occurs. Also, some themes are not well-behaved, and might cause problems. For instance, we have noticed that some themes are doing goofy (non-standard) things with the comment form code, so if required fields are empty when you submit, you get a 'fill in this field' message for a required field rather than getting redirected to the FormSpammerTrap.com site. Nothing we can do about themes that don't follow good WordPress coding practices. But our plugin doesn't interfere with those themes. And a form spammer will still be sent to the FormSpammerTrap.com web site. We have verified that it works properly with the WordPress "Twenty-" themes, plus several others. Let us know if you have other themes where it isn't working properly. The plugin does do some jquery stuff to try to insert the trapping techniques into the comment form. This may allow the plugin to work on many themes that might not stricly follow coding best practices.

When I activate the plugin, submitting a comment always redirects to the FormSpammerTrap site. Why?

As stated above, some themes don't follow proper WordPress coding standards as it relates to supporting changes to the comment form. Because our plugin uses standard WordPress functions to add functionality to the comment form, these themes ignore that standard coding and build their own forms. You can verify this by temporarily changing your theme to one that follows WordPress standards, like the TwentyFifteen theme. If the comment form works properly, then you know that the theme is at fault, not our plugin. If the form still doesn't work with the TwentyFifteen theme, then let us know. The current version of our plugin does bypass some improper theme code as it relates to comment forms.

What about limiting the number of URLs in a comment?

Our plugin does that too. Most comment form spammers will try to put lots of links in the comment. You can partially block that with the settings in the Discussion menu. We take it a step farther by letting you determine the number of URLs you want in a comment. The plugin then removes or overwrites the excess URLs from the comment.

What if I want something that shows when excess URLs are deleted?

The plugin provides for that also. You can determine if the excess URLs are deleted, or if they are replaced with '[URL Redacted]' text.

What about changing the text that shows before and after the comment form?

The plugin provides that also. In the FST4c Settings screen (under the Settings menu), you can enter the text that will be displayed before and after the comment form. We don't allow any formatting of that text, to prevent any security problems. Note that a logged-in user won't see the 'before the comment' text; this is a limitation in the WordPress core code.

Anything else?

We've added some new features that allow you to change the text for the comment form, submit button, and more. There are also some tweaks you can enable to allow for how some themes display the comment form. Everything is in the settings screen.

But what if I want the default text to show before and after comments?

The plugin allows for that. Just leave those fields blank on the plugins' settings screen.

What about the error message when a required field is not filled out?

The plugin shows the error message (such as "Please fill out required field (name)") while re-displaying the comment form, with the fields showing the data previously entered. The visitor can just fill in the required fields, and submit again.

What if I don't like how the plugin changes things?

You can just deactivate the plugin. Your settings will be saved if you want to reactivate later.

Does the plugin make changes to the database?

The plugin only adds one 'row' to the Options database, using standard WordPress functions. The plugin will read the values as needed, minimizing calls to the database to limit any overhead against the database.

Does the plugin require anything extra on the client (visitor) browser?

Not that we are aware of. The things we do are done through standard WordPress calls, plus one bit of "DOM" access, which all modern browsers support. There should be no effect of the plugin on how the visitor interacts with your site. The visitor will not have to have Javascript installed (which is not a good idea in most cases). It works with the standard 'jQuery' code that WordPress already includes and uses.

Where can we go for support if there is a problem or question - or a new feature we think will be nifty?

You can use the plugin support page for questions. Or you can contact us directly via the Contact Us page at www.FormSpammerTrap.com . We usually respond within 24 hours (and are usually faster than that).

How much does the plugin cost?

It's free, as is the Contact Us form template available on the http://www.FormSpammerTrap.com site. But there is a place to donate there, if you are so inclined. (And we will appreciate that inclination!)

What else do you do?

We do lots of WordPress sites: implementation, customization, and more. You can find more info at our business site at www.CellarWeb.com .

更新日志:

4.0 (released xx FEB 2022)

Changed all function calls to have prefix of 'fst4c' to reduce chance of collision with other plugins
Changed PHP requirements to be at least 7.4 .
Changed WP requirement to be at least 5.0 (but latest version is better).
Changed the order of the settings fields so they are more 'top to bottom'.
Changed size of input fields from 30 to 45.
Added a description to each setting (to the right of the setting field.
Fixed the way that the form action is changed to https://www.formspammertrap.com if the 'set bogus action' option enabled. The form action is changed back to normal on a onclick/onfocus of a required field.
Added a little spacing between the "Required" text in front of a field, if the field is required.
Fixed the 'reply to' text if the 'Add the comment author's name to the Reply link text' setting is enabled; now shows 'Reply to' plus the comment author name (in quotes).
Recaptcha script added just befor close body tag, instead of in head tag.
Improved session starting - new session only if session does not exist.
Re-wrote the informational text at the top of the Settings page.
Correction to how the form 'action' parameter is set and changed.
Added more screenshots to show settings and the results of those settings on the comment area.
Changes to the visual look of the Settings page to match our other plugins.
Additional information about our other plugins added to the sidebar.
Updated logo and other Asset images to current CellarWeb branding.
Minor changes to the "Donate" button.
Minor CSS changes to the settings page.
Minor spelling corrections.
Added link to the CellarWeb contact page at the bottom of the settings screen.