前言介紹
- 這款 WordPress 外掛「Block Comment Spam Bots」是 2019-12-19 上架。
- 目前有 900 個安裝啟用數。
- 上一次更新是 2024-04-10,距離現在已有 388 天。超過一年沒更新,安裝要確認版本是否可用。以及後續維護問題!
- 外掛最低要求 WordPress 4.9 以上版本才可以安裝。
- 外掛要求網站主機運作至少需要 PHP 版本 5.4 以上。
- 有 3 人給過評分。
- 還沒有人在論壇上發問,可能目前使用數不多,還沒有什麼大問題。
外掛協作開發者
外掛標籤
bots | spam | blocking | comments | automated spam |
內容簡介
專業垃圾郵件發佈者使用程序自動化進行內容的發佈,「Block Comment Spam Bots」(BCSB)外掛可以有效地阻斷此類程序,消除評論內容的垃圾訊息!沒有更多的垃圾評論!對於來自合法用戶的正常訪問,BCSB外掛不會有什麼不好的體驗,因為垃圾郵件發佈者所依賴的cURL和WGET命令不會被真正的用戶使用。您的訪問者不需要回答CAPTCHA之類的問題,只需使用任何主題中設計的評論表單。從管理後台來看,您不需要使用任何黑名單、特殊密鑰(如Akismet)、過載的垃圾郵件隊列或已過期的垃圾評論數據庫,垃圾訊息只需要您手動刪除即可。
安裝此外掛後,所有變化都只會體現在您的管理區域,評論列表現在旁邊會有一個綠色的勾號,這意味著該評論是由真人發表的,並且未被經由直接連接您的服務器的駭客規避過去。
現在,您所面對的問題只剩下那些來自真人發表的評論了。即便是有真人來進行評論,但即使很麻煩,花費時間也需要一些努力。真人發表評論的垃圾數量遠遠少於來自自動發送的垃圾邮件,這樣就為您節省了大量的時間,讓您專注於更為重要的事情,例如跟讀者建立關係。
我們的外掛已經在多個網站上進行了測試,完全消除了自動垃圾信息。如果它在您的站點上沒有效果,請告訴我們。
**某些技術細節**
如果您對外掛如何運作有興趣,以下是一些有關該外掛的技術細節。
論評的處理使用了WordPress wp-post-comments.php文件。垃圾郵件發佈者("垃圾機器人")可以直接向該文件提供(“發表”)數據,經由cURL/WGET等命令直接插入在網站上。
經由CURL或WGET命令直接插入內容到這個文件通過這個方法可以很容易地規避評論表單。只要傳送評論ID號碼、機器人的假名字和電子郵件以及垃圾內容,評論垃圾就在您的網站上了!該外掛使用了多種技術方法來“感知”垃圾機器人。其更改了隱藏字段,延時數據的傳送,以及阻止對WordPress POST/處理功能的直接訪問。這些技術也用於我們獨立的“FormSpammerTrap”(FST)程序和其他的防止垃圾郵件出現的外掛(例如FormSpammerTrap for Comments),非常有效。它們使用了一些Javascript無法處理的隱藏字段封鎖了垃圾機器人。
總之,您只需要安裝此外掛並啟用它,機器人的評論將不再出現。它不會添加任何視覺障礙,並且不會在表單上出現任何"reCaptcha"之類的東西(這些都是很麻煩的問題)。也不會要求您回答如“2+8=?”這樣的愚蠢問題。使用此外掛並不會改變您的評論表單。對於普通用户,他們不會注意到任何差異,但是您會注意到您的網站中再也不會有垃圾評論了!
此外掛是防止評論垃圾的最佳解決方案。我們曾在每天收到20-40條評論垃圾的網站上進行了測試。啟用此外掛後,垃圾評論停止了。立即停止。自從安裝此外掛以來,該站點已再也沒有收到過任何評論垃圾信息。**一个没有。** 管理員功能页面的评论列表已經修改,該列中有一個綠色勾號圖示,表示該評論是由真人發表的,並且未經由直接連接您的服务器的駭客規避掉。
原文外掛簡介
Professional spammers use programs to automate their spamming. The ‘Block Comment Spam Bots’ (BCSB) plugin efficiently blocks their process. No more comment spam!
As no legitimate user will use the professional spammer’s automated process which relies on cURL and WGET commands, real users will never notice the BCSB plugin at work. There are no CAPTCHAS for your visitors to interact with. No silly questions. Just the comment form as designed in any theme.
On the admin side, there are no blacklists, special keys (like Askimet), overloaded spam queues, or overworked databases that store spam comments until you manually delete them.
Install the plugin and that’s it. Invisible, to you and your visitors. The only change you will notice is in your admin area. The list of comments now has a green check next to them. That way you know that comment was made on your website by a real person and was not bypassed by hacking spammers connecting directly to your server.
All that remains is comments made by real people, and while real people can spam, it takes them time and effort. The amount of spam from real people is a lot more manageable than the tsunami from automated spammers, saving you time to concentrate on the important things in life, like your readers, and making connections.
We’ve tested it on multiple websites and it wipes out automated spam completely. If it doesn’t on your site, please let us know.
** Geeky Stuff **
…in case you are interested in how it works…
tl;dr – This provides a total and easy solution to comment spam from spam bots.
Comments are processed by the WordPress wp-post-comments.php file. Automated spammers (‘spam bots’) can provide (‘post’) data directly to that page, bypassing any comment processing, by using CURL/WGET commands.
Bypassing the comment form by posting directly (via CURL or WGET commands), is quite easy. Just send the post ID number, and the bot’s fake name and email, and the spammy content. Boom! Comment spam is on your site!
The result is comment spam – and that is not always caught by other comment spam checkers. Even if it is caught by programs such as Akismet, processing that spam takes some server resources, including writing to the database.
This plugin uses several techniques to ‘sense’ a spambot. There are hidden fields that are changed after a delay. There is a delay in displaying the submit button. And it blocks direct access to the WordPress post/processing functions.
The techniques, also used in our standalone “FormSpemmerTrap” (FST) program, and our other anti-spam plugins (like FormSpammerTrap for Comments), are very effective. They use a bit of JavaScript to block spambots – since automated processes via CURL/WGET/etc cannot process JS code.
It’s simple: you install this plugin, activate it, and bot comments will stop. Immediately.
And it doesn’t add any visual impediments to your comments. No reCaptcha things (which many see as a pain). No silly questions (‘what is 2+8’) on the form. Your comment form does not change. Regular users will not notice a difference. But you will. No more spam comments for you!
This is the best solution to block comment spam. We’ve tested it on a site that had 20-40 spam comments a day. With this plugin enabled, the spam comment stopped. Immediately. And there have been none since installing this plugin. ** Not one. Zero.**
The Admin, Comments list page is modified to show a column with a green checkmark icon if the comment was entered by a real person and not a bot. This is an assurance that the comment was not entered via an automated CURL/WGET to the wp-comments-post.php file. A comment that is on the list that does not show the checkmark was done by a bot. But you won’t see those blocked comments with this plugin enabled. They never get into your database. You can hover over the checkmark icon to see the GUID value indicating a person entered the comment.
The plugins ‘Settings’ screen has no settings. You don’t even need to look at the Settings screen. If you do, you’ll see information about the plugin. And there is a CURL command you can use to test the effectiveness of blocking (or not blocking) direct access to the wp-comments-post.php file.
The plugin also adds the hidden GUID field to the comment form after a delay to help block bots that are using the comment form to submit. If the hidden field is not submitted then a bot tried to bypass the comment form. And a short delay happens before the comment submit button is displayed – another bot protection.
各版本下載點
- 方法一:點下方版本號的連結下載 ZIP 檔案後,登入網站後台左側選單「外掛」的「安裝外掛」,然後選擇上方的「上傳外掛」,把下載回去的 ZIP 外掛打包檔案上傳上去安裝與啟用。
- 方法二:透過「安裝外掛」的畫面右方搜尋功能,搜尋外掛名稱「Block Comment Spam Bots」來進行安裝。
(建議使用方法二,確保安裝的版本符合當前運作的 WordPress 環境。
1.0 | 1.1 | 1.2 | 1.3 | 1.4 | 1.5 | 2.0 | 2.1 | 2.2 | 2.3 | 2.4 | 2.5 | 2.6 | 2.61 | 2.62 |
延伸相關外掛(你可能也想知道)
Advanced Country Blocker 》總結:Advanced Country Blocker 外掛能夠透過依據訪客的地理位置(國家)或IP位址來限制存取,進而幫助您加強 WordPress 網站的安全性。提供多項功能,包括自...。
Spam IP Blocker 》這是一個阻擋垃圾郵件 IP 的外掛程式,是免費使用的。當評論者的 IP 存在於至少一個「.zen.spamhaus.org」和「.bl.spamcop.net」的黑名單中時,它會自動將任...。
Simple Site Lockdown 》需要確保網站僅對管理員可見嗎?只需啟用此外掛程式。, 不需要任何設置或配置 - 它會強制任何非管理員的用戶前往登錄頁面。他們將完全看不到網站的任何內容。...。
Ad Blocking Advisor 》廣告攔截輔助工具(Ad Blocking Advisor)在您的網站上添加了一個簡單而優雅的通知欄,只會顯示給使用廣告攔截軟件的訪問者。通知的目的是要求(或建議)您的...。
Block Spammers 》這款外掛允許使用以下選項來阻止垃圾訊息:, , 透過 IP (支援萬用字元)封鎖垃圾訊息。, 封鎖所有已經標記為垃圾訊息的 IP。, 封鎖帶有不當詞語的訊息。, , ...。
Stop War! Stop Putin! 》這個外掛需要關閉任何高速緩存(Cache)外掛才能正常運作。, 當您安裝且啟用了「Stop War! Stop Putin! WordPress Plugin」時,它將允許您封鎖所有來自俄羅斯聯...。
Login Watchdog 》這個外掛可以記錄登錄失敗的嘗試,, 當嘗試次數超過設定的失敗嘗試次數限制時,會封鎖該 IP 地址的所有登錄嘗試。, 在管理介面中,會顯示失敗記錄的列表,包...。
Tiny Simple AdBlock Detector 》這個外掛非常簡單,沒有任何可變選項。, 它唯一的功能是可以偵測 AdBlock(在 Chrome 的 AdBlock 擴充功能上已測試),並定義 HTML 類別以控制根據偵測結果在...。
Simple AI Blocker 》總結:這個 WordPress 外掛可以直接封鎖 AI 爬蟲的 IP 地址或用戶代理,封鎖是直接在伺服器上進行的,而非透過 robots.txt 檔案,因此可以阻擋那些不尊重 rob...。