如何有效攔截和過濾垃圾評論

針對那些使用技術手段(例如直接發送GET、POST請求)、不填寫前臺表單而直接請求後臺程序文件的spam,只有屏蔽IP才能緩解瘋狗一樣的攻勢,其它什麼驗證碼、滑動解鎖等等都沒用。(注:這是指只在前端頁面生效的驗證;若驗證結果由服務端校驗,直接提交的請求同樣會被拒絕。)

可以在.htaccess文件中添加以下規則,禁止某些IP訪問。

# Apache 2.2-style access control. Deny rules are evaluated first, then Allow
# rules; a request that matches neither is permitted, so only the addresses
# listed below are blocked.
# On Apache 2.4 these directives come from mod_access_compat; the native form
# is a <RequireAll> block with "Require all granted" and "Require not ip ...".
# NOTE(review): behind a reverse proxy or CDN the address Apache sees may be the
# proxy's, not the client's - confirm before relying on this.
Order Deny,Allow  
# Placeholder: replace with the address (or range) to block.
Deny from xxx.xxx.xxx.xx  
# Placeholder: one Deny line per additional address.
Deny from xxx.xxx.xxx.xx

 

 

有效地攔截內容中不帶有中文字的comment和trackback(pingback)

/**
 * Refuse any submitted comment whose body has no Chinese character.
 *
 * Written as a callback for the 'preprocess_comment' filter. The function does
 * not look at the comment type, so every kind of submission passing through
 * that filter is held to the same rule.
 *
 * This is a language heuristic, not proof that the sender is human: one
 * matching character is enough to pass, so keep moderation or another
 * server-side control alongside it.
 *
 * @param array $comment_data Comment fields; only 'comment_content' is read.
 * @return array The same data, untouched, when the check passes.
 */
function refused_spam_comments( $comment_data ) {
	// One character anywhere in the range 一 (U+4E00) .. 龥 (U+9FA5) is enough.
	$has_chinese = preg_match( '/[一-龥]/u', $comment_data['comment_content'] );

	if ( $has_chinese ) {
		return $comment_data;
	}

	// No match, or the regex engine reported an error: stop with a message.
	wp_die('評論必須含中文!');

	return $comment_data;
}
// Hook the check into WordPress's 'preprocess_comment' filter so it receives
// the comment data array and can return it or stop the request.
add_filter('preprocess_comment','refused_spam_comments');

 

 

 

用代碼將垃圾評論拒之門外:直接將下面的代碼放到主題的functions.php文件的最後一個 ?> 前面即可:

 

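/**
 * Comment spam gate built on a hidden-field (honeypot) check.
 *
 * On singular pages the rendered comment textarea is renamed to "w" and a
 * hidden, empty textarea named "comment" is appended. A browser submitting the
 * rendered form therefore sends its text in "w" and leaves "comment" empty;
 * any other submission is recorded as suspected spam and handled in sink().
 *
 * This is a heuristic, not authentication of the sender: keep moderation or
 * another server-side control in place next to it.
 *
 * Changes from the snippet as originally published:
 *  - the constructor is __construct(); a method named after its class is no
 *    longer treated as a constructor in PHP 8, so the hooks were never added;
 *  - create_function() (removed in PHP 8.0, and eval-based) is replaced by a
 *    closure;
 *  - the log line always includes REMOTE_ADDR, because X-Forwarded-For is a
 *    request header the client can set to anything.
 */
class anti_spam {
	/**
	 * Register the three hooks, unless the current user holds 'level_0'.
	 *
	 * NOTE(review): 'level_0' is a legacy user-level capability; presumably
	 * every logged-in account has it, so only anonymous visitors are gated.
	 * Confirm against the site's role setup.
	 */
	public function __construct() {
		if ( !current_user_can('level_0') ) {
			add_action('template_redirect', array($this, 'w_tb'), 1);
			add_action('init', array($this, 'gate'), 1);
			add_action('preprocess_comment', array($this, 'sink'), 1);
		}
	}

	/**
	 * Buffer the page output on singular views and rewrite the comment form.
	 *
	 * The buffer callback renames the textarea called "comment" to "w" and
	 * appends a hidden textarea that carries the name "comment".
	 */
	public function w_tb() {
		if ( !is_singular() ) {
			return;
		}

		ob_start( static function ( $input ) {
			$rewritten = preg_replace(
				'#textarea(.*?)name=(["\'])comment(["\'])(.+)/textarea>#',
				'textarea$1name=$2w$3$4/textarea><textarea name="comment" cols="100%" rows="4" style="display:none"></textarea>',
				$input
			);

			// preg_replace() returns null on a PCRE error (for example a
			// backtrack limit on a large page); fall back to the untouched
			// output rather than sending an empty page.
			return null === $rewritten ? $input : $rewritten;
		} );
	}

	/**
	 * Classify the current request and normalise or flag its POST data.
	 *
	 * Text in "w" with an empty "comment" is what the rewritten form sends, so
	 * the text is moved into "comment". Every other request gets a diagnostic
	 * record stored in $_POST['spam_confirmed'], which sink() checks later.
	 */
	public function gate() {
		if ( !empty($_POST['w']) && empty($_POST['comment']) ) {
			$_POST['comment'] = $_POST['w'];
			return;
		}

		$request = $_SERVER['REQUEST_URI'];
		$referer = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '隱瞞';

		// REMOTE_ADDR is the address of the connecting peer. X-Forwarded-For is
		// sender-controlled unless a trusted proxy overwrites it, so it is
		// logged as a labelled claim next to REMOTE_ADDR, never instead of it.
		$remote = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';
		$IP     = isset($_SERVER['HTTP_X_FORWARDED_FOR'])
			? $_SERVER['HTTP_X_FORWARDED_FOR'] . ' (透過代理) / ' . $remote
			: $remote;

		$way = isset($_POST['w']) ? '手動操做' : '未經評論表格';

		// "comment" may arrive as an array (comment[]=...); only log strings.
		$spamcom = ( isset($_POST['comment']) && is_string($_POST['comment']) ) ? $_POST['comment'] : null;

		// Every field in this record comes from the request and is untrusted.
		$_POST['spam_confirmed'] = "請求: ". $request. "\n來路: ". $referer. "\nIP: ". $IP. "\n方式: ". $way. "\n內容: ". $spamcom. "\n -- 記錄成功 --";
	}

	/**
	 * Drop a comment that gate() flagged; pingbacks and trackbacks pass.
	 *
	 * @param array $comment Comment data from the 'preprocess_comment' hook.
	 * @return array The comment data, unchanged, when it is allowed through.
	 */
	public function sink( $comment ) {
		if ( !empty($_POST['spam_confirmed']) ) {
			// Pingbacks and trackbacks never come from the form; let them by.
			$type = isset($comment['comment_type']) ? $comment['comment_type'] : '';
			if ( in_array( $type, array('pingback', 'trackback'), true ) ) {
				return $comment;
			}

			// Option 1 (active): reject outright by ending the request.
			die();

			// Option 2: keep the comment but mark it as spam so false positives
			// can be reviewed in the database. To use it, remove the die() above
			// and uncomment the two lines below. The stored record holds
			// request-supplied text; treat it as untrusted wherever it is shown.
			//add_filter('pre_comment_approved', function () { return 'spam'; });
			//$comment['comment_content'] = "[ 小牆判斷這是 Spam! ]\n". $_POST['spam_confirmed'];
		}

		return $comment;
	}
}

$anti_spam = new anti_spam();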