Comment Moderation

I think I’ll be making some changes to the way comments are working. Since the switchover to WordPress, I’ve been requiring all user comments to be explicitly “approved” by an administrator (currently, me) before becoming publicly visible. That’s lame. Users should be able to comment right away, and see their comments show up.

On the other hand, WordPress doesn’t have an exact equivalent to the mt-blacklist plugin I was using in Movable Type to keep ahead of comment spam. Though there was some funkiness in how it operated, mt-blacklist was mostly doing an okay job of stopping comment spam without my having to see it. Now that I’m manually performing that task myself, I’m quickly growing dissatisfied with doing so.

So I think I might try the following: WordPress has a self-service “user registration” feature that only requires a valid email address. I’m thinking I’ll enable that, and then make it so registered users have the ability to post without needing their messages to be moderated. Unregistered users will still be able to post, but their comments will need to be approved before becoming publicly visible.

Comment spammers will still be able to register and post spam, if they really want to; if that happens I’ll delete their comments after the fact. If it happens a lot I’ll go back to the current system, I guess.

Your thoughts on all this are humbly solicited. (Though at the moment they’ll sit and wait for me to approve them before anyone else gets to see them.)

Update: I didn’t do any of the above stuff involving requiring registration. See comments below for details. Comment moderation is now turned off. Bring it on, comment spammers.

7 Responses to “Comment Moderation”

  1. hossman Says:

    jbc, I assuming you’re refering to the Comment Moderation Plugin.

    Evidently, there’s also a “Spam Words” function, that lets you provide a giant list of words (not regexes unfortunately) to test against comments. As I understand it, even if you turn comment moderation off, any comment matching any of those words gets queued for moderation anyway. Something to think about

    There also seems to be a WPBlacklist hack that shows up in searches for “wordpress spam” … allthough the exact distinction between a WordPress plugin and a WordPress hack is lost on me.

  2. John Callender Says:

    The first of those (the Comment Moderation Plugin) I looked at, but didn’t like, since I don’t want everyone to have to manually confirm a real email on every spam. I’d rather they did it once, to get cookied as a registered user, after which their comments would just go through.

    The Spam Words function is working now, though since I’m holding all comments for moderation anyway it isn’t actually doing anything.

    I’ll check out that WPBlacklist hack. Thanks for the pointer on that.

  3. John Callender Says:

    Hm. Okay, well, the WPBlacklist hack turns out, upon much investigation, to be more or less the same thing that was implemented with the “spam words” function. And it actually _does_ seem to do regex matching. So by grabbing a copy of the latest blacklist from the MTBlacklist guy, and dumping it in there, I’m hoping I’m basically there.

    I’ve turned off automatic comment moderation. As of now (and subject to some testing I’m about to do), comments will appear right away unless they trigger the spam words thingy.

  4. uhoh Says:

    MTBlacklist guy?

    I’d like to see a wordpress plugin that required users to type out the text shown in a random image. Google for captcha. =D

  5. Pat O'Cake Says:

    What, like this?

  6. Patriot Says:

    WordPress? what’s that?

    is that a server-thingy for running a site with forums like this one!? I thought had probably been done from scratch in somebody’s basement. all the best stuff is.

    i want one!

    hmm, found ‘! on Google, but it won’t load. taking forever, server’s probably down. rats.

    found “”
    been planning to get my own blog for a while, but I wanted a fancy one like this.
    And here it is!!! Yay!

  7. Patriot Says:

    ok it’s working now

Leave a Reply

You must be logged in to post a comment.