Registration Spam Annoyance & WordPress Plugins
I did a bit of a Google search on what others are using for registration spam and here are the plugins that various blogs are using to get past registration spam. I’ve only installed Ban Hammer and Bad Behavior for now and will try the others when I get a bit of time (going away for a week and have to work on clients sites rather than my own blog), but thought I’d include them all to save you a bit of time searching too.
First I installed Ban Hammer, and manually entered all the domains in the blacklist, but unfortunately I was still getting “hammered”, and apparantly that could be caused by Zend, so it might work for you out there if you don’t have Zend installed on your server. Ban hammer has optional built-in support for StopForumSpam.com as well. This plugin does not work for me, but it could work for you, it seems only a few people have my problem of it being incompatible.
The Bad Behavior plugin prevents spammers by analyzing the delivery method and software that the spammer is using, so it can stop spam even before that particular user is reported as being a spammer. You need to get an HTTP Blacklist Access Key from Project Honey Pot (Project Honey Pot tracks harvesters, comment spammers, and other suspicious visitors to websites) to use the plugin.
Stop Spammer Registrations Plugin
The Stop Spammer Registrations Plugin also accesses the StopForumSpam.com database (as per the Ban Hammer plugin) prior to a user registering. I haven’t tried this one yet but it’s intent is to validate the email, ip and username against the StopForumSpam.com database and then deny login attempts and prevent registrations. This plugin also works on WordPress MU (which Ban Hammer does not). And this plugin will allow you to report spam if you have a StopForumSpam.com API key.
Sabre and Conditional CAPTCHA for WordPress
Another two plugins that were mentioned were Sabre and Conditional CAPTCHA for WordPress.
Sabre = “simple anti bot regirstration engine” and gives you a range of different features you can use on your blog to prevent registration spam.
I’ll be trying this out when I get some time. It can install a captcha form on your registration form – and enable you to change the captcha options, colours, and complexity. It can enable blog verification so that their account is deleted if no confirmation is received. It can send an invitation code to your user, etc. See the plugin page for more details and screenshots.
Conditional CAPTCHA for WordPress is also a plugin providing CAPTCHA, but does so only if it detects a comment as spam, as I haven’t tried this one out yet, but I’m having a guess that this one will probably only deal with comment spam not registration spam. The idea is pretty neat though – you need to have Akismet or TypePad AntiSpam installed & active before using this plugin. If the spam detection plugin recognizes a spammer from those 2 plugin databases, it will ask the potential spammer to complete a CAPTCHA. If they fail, their comment will be trashed and if they pass, it will go to spam for pending review or approved (your choice).