內容簡介
WordPress 的 Analytical Spam Filter 插件可阻擋評論、引用通告和 Pingback 垃圾訊息。它使用多種垃圾郵件偵測方法,不會向使用者提出 Captcha、數學問題等的障礙,且不依賴外部服務或 API。這是一個低開銷的插件,在啟用後立即開始阻擋垃圾訊息。只要使用者啟用 JavaScript,本插件就可以與緩存插件相容。此插件僅阻擋透過 WordPress 預設評論表單提交的垃圾訊息。
插件使用邏輯來識別垃圾評論提交,不需要使用者互動。垃圾郵件阻擋機制在幕後透明地運作。大多數訪客需要花更長時間閱讀文章並添加有意義的評論,因此在短時間閾值內提交的任何評論都被識別為垃圾訊息。包含大量連結的評論會被標記為垃圾訊息。本插件使用加密的代碼和蜜罐過濾機器提交。插件添加的所有字段名稱都會隨機化以防止基於原始碼簽名的檢測。
配置選項包括:
啟用緩存相容性(需要 JavaScript)
將垃圾訊息添加到 WordPress 佇列或完全阻擋
將診斷資訊發送給網站管理員
自動與 Micro Contact Form 插件相容以阻擋垃圾訊息。
阻擋選項包括:
蜜罐陷阱
隨機化內部字段名稱
時間戳記(最小和最大入口時間)
積極檢查過多的 URL
檢查是否啟用了 JavaScript
自動封鎖來自 IP 的重複垃圾訊息
自動封鎖基於內容的重複垃圾訊息
需要使用者代理字串
需要引薦單位
封鎖引用通告
封鎖 Pingback
外掛標籤
開發者團隊
原文外掛簡介
Most spam filters make your visitors do the work by solving captchas, clicking image grids, or proving they are human before they can leave a comment. Analytical Spam Filter takes a different approach. It analyzes how a submission behaves and blocks spam automatically, with no friction for legitimate visitors.
Key Features
No captchas
No API keys
No third-party services
Privacy-friendly design
Behavioral spam detection
IP reputation tracking
Content fingerprinting
Cache-compatible operation
Install it, activate it, and it starts working.
Spam is identified by observing behaviors that real visitors naturally exhibit. People take time to read before typing, interact with the page, and use a real browser. Bots often skip those signals. The plugin uses those differences to distinguish legitimate submissions from automated spam without interrupting the user experience.
The plugin uses multiple independent detection techniques on every submission. A bot that bypasses one check is likely to be caught by another. This layered approach improves effectiveness over time. Once a spammer’s IP address or message content has been identified, future attempts can be blocked more quickly. Visitors with a previously approved comment are never flagged, regardless of the spam history associated with their IP address.
No visitor data is sent to external spam services, and no account registration or API configuration is required.
All field names added by the plugin are randomized during installation and can be regenerated at any time. This helps prevent bots from targeting the plugin based on known source code signatures. The plugin is compatible with caching plugins when Cache Compatibility is enabled.
The plugin blocks spam submitted through the default WordPress comment form only. It is also automatically compatible with the Micro Contact Form plugin.
Blocking Methods
Timestamp Blocking — Records when the page loaded and when the form was submitted. Submissions that arrive too quickly to have genuinely read the page, or after the token has expired, are blocked.
Duration Blocking — Measures how long the visitor actively spent filling out the form. Bots fill forms almost instantly. Requires Cache Compatibility to be enabled.
IP Blocking — Remembers which IP addresses have been blocked before. Once an address reaches the configured threshold, future submissions are flagged without running the remaining checks. IP addresses with a previously approved comment are never flagged.
Content Blocking — Remembers the content of blocked spam. If the same message appears again from a different IP address, it is flagged immediately. Content that matches a previously approved comment is excluded from the spam history.
Honeypot — Adds a hidden field that legitimate visitors never see or interact with. Bots that fill every available field are caught. Submissions where the field is missing entirely are also flagged.
Automated Client Detection — Blocks submissions from automated tools that do not identify themselves as a real browser. Legitimate visitors send this information automatically.
Referer Check — Blocks submissions that did not originate from a page on your own site.
URL / Domain Blocking — Flags submissions containing more URLs or domain names than the configured limit. Spam comments frequently contain multiple links.
JavaScript Check — When Timestamp or Duration Blocking is active, the plugin can determine whether JavaScript ran when the form loaded. Bots that skip JavaScript are caught automatically.
Randomized Field Names — Hidden field names are randomized during installation and can be regenerated at any time from the settings page, so bots cannot target the plugin based on known field names.
Trackback Blocking — Optionally block all trackbacks, which are a common source of spam.
Pingback Blocking — Optionally block all pingbacks, which are a common source of spam.
General Options
Send email notifications for blocked spam, valid submissions, or all submissions
Configurable email rate limit to prevent inbox flooding during attacks
Add spam to the WordPress spam queue, or block and reject it immediately
Optionally show rejection reasons to the submitter
Enable Cache Compatibility for caching plugin support and duration blocking
Regenerate security keys at any time from the settings page
