Nonce, Please!

“Nonce, Please!” is a simple plugin that prevents brute-force comments and trackbacks from spammers. This is *NOT* an alternative to Akismet.

Author: IKEDA Yuriko (profile at wordpress.org)
WordPress version required: 2.3
WordPress version tested: 3.0.5
Plugin version: 1.2.0
Added to WordPress repository: 08-12-2009
Last updated: 08-05-2010
Warning! This plugin has not been updated in over 2 years. It may no longer be maintained or supported and may have compatibility issues when used with more recent versions of WordPress.
Rating, %: 0
Rated by: 0
Plugin URI: http://wordpress.org/extend/plugins/nonce-ple...
Total downloads: 6 266
Active installs: 500+

Akismet is a great plugin for blocking spam comments and trackbacks, and it detects spam completely. However, Akismet still accepts unsolicited feedback and stores it in the database, which is a weaker way to fight spam. A better way is to reject it.

Also, the architecture of WordPress is vulnerable to spammers, because the comment API lives at fixed URLs such as "wp-comments-post.php", "wp-trackback.php", or "http://blog.example.com/archives/99/trackback/". Spammers can therefore easily post bulk comments and trackbacks to WordPress weblogs.

"Nonce, Please!" adds a nonce (a random string) to a hidden field of the comment form and/or to the trackback URL. A valid comment or trackback should carry a nonce string; bulk feedback will not. The plugin also verifies that each new comment or trackback has a valid nonce. If the nonce is missing or invalid, the feedback is rejected.

Adding and verifying the nonce is automatic; users do not need to do anything!
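
The add-and-verify flow described above, as an added sketch that is not the plugin's own code. It assumes a nonce derived with a keyed hash from a per-site secret, the post ID and a time window, where the description speaks of a random string; the function names, the `np_nonce` field name and the window length are hypothetical, and the sample values are constructed.

```php
<?php
// Added illustration only; not the plugin's code. All names below are hypothetical.
const NP_WINDOW = 43200; // nonce lifetime window in seconds (assumed value)

// Derive a nonce bound to one post ID and one time window.
function np_make_nonce(string $secret, int $postId, int $now): string {
    $tick = intdiv($now, NP_WINDOW);
    return substr(hash_hmac('sha256', $tick . '|' . $postId, $secret), 0, 20);
}

// Accept the current or previous window so a form rendered just
// before a window rollover still validates.
function np_verify_nonce(string $secret, int $postId, ?string $nonce, int $now): bool {
    if ($nonce === null || $nonce === '') {
        return false; // feedback posted straight to the fixed URL carries no nonce
    }
    foreach ([0, 1] as $age) {
        $expected = np_make_nonce($secret, $postId, $now - $age * NP_WINDOW);
        if (hash_equals($expected, $nonce)) { // constant-time comparison
            return true;
        }
    }
    return false;
}

// Constructed sample values.
$secret = bin2hex(random_bytes(32)); // per-site secret, kept server-side
$now    = 1700000000;
$nonce  = np_make_nonce($secret, 99, $now);

// Rendering the comment form: the nonce travels in a hidden field.
echo '<input type="hidden" name="np_nonce" value="',
     htmlspecialchars($nonce, ENT_QUOTES), '">', "\n";

// Handling submissions: [post ID, submitted nonce, time of submission].
$cases = [
    'form post, 10 minutes later' => [99, $nonce, $now + 600],
    'no nonce at all'             => [99, null, $now],
    'nonce reused on other post'  => [100, $nonce, $now],
    'nonce from 3 windows ago'    => [99, $nonce, $now + 3 * NP_WINDOW],
];
foreach ($cases as $label => [$postId, $submitted, $when]) {
    $ok = np_verify_nonce($secret, $postId, $submitted, $when);
    printf("%-28s %s\n", $label, $ok ? 'accept' : 'reject');
}
```

Only the first case is accepted. The check filters feedback that was never preceded by loading the form, so content filtering such as Akismet remains useful alongside it.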