Here's a little gotcha that I thought I'd share with the world. I amended my template to use cforms with Captcha Verification to avoid spammers. I know this works because I've done it on other blogs, but the spam kept coming.
So, I was puzzled and went to look at the HTML source of the posts. Turns out because I'd commented out the PHP of my regular comments form, rather than deleting it completely, the regular form was there in the HTML inside comment braces (as well as the cforms code which wasn't in comment braces). Now it seems that the spammer webcrawlers just ignore the comment braces, and see the regular form, and post to it and it still works!
So, the answer is don't comment out the regular form in the template, delete it. It also seems that if a spammer was clever enough to notice a wordpress site, they could spam it by posting to the regular form URL (which is still there) and bypass the cforms form, which I think explains why you very occasionally get spam on a captcha verified site, or maybe I'm wrong.
Cforms is great, by the way.
March 6, 2005
Does this spam arrives in the form of comments?
My website is being bombarded by spam through the cforms system, with a cform email, with the cform email template. Does this still apply to my case?
I changed the number math captcha to a text image, and made the colors very light today, in an attempt for preventing some kind of text decipher algorithm to figure out the characters.
Most Users Ever Online: 959
Currently Browsing this Page:
Guest Posters: 3744
Newest Members: juredujmovic, dreamkeeper, rajattyagi, wrokaa, lukass
Moderators: Paul (421), cnymike (8), sonika (95)
Administrators: Oliver (6400), Nicky (3)