Asides Techtalk

Anti spam tips

Donncha O Caoimh geeft een aantal handige tips om met mod_rewrite heel wat spam tegen te houden.

Internet Techtalk

WP Mollom 0.5.2

So, I wrapped up version 0.5.2 of WP Mollom today. This release is all about fixing several bugs.

  • fixed: passing $comment instead of the direct input from $_POST to the show_captcha() and check_captcha() functions.
  • improved: implemented wpdb->prepare() in vunerable queries
  • improved: mollom_activate() function now more robust
  • changed: mollom_author_ip() reflects changes in the API documentation. This is to catch up on the abuse of proxies by spammers. If your host uses a reverse proxy and you know the ip(‘s), just enter them in the dashboard. The plugin takes care of the rest.

I tried to make the plugin compatible with the WP OpenID plugin over the past weeks. But no dice. Stable version 2.1.9 of WP OpenID doesn’t deal with extra fields added to the HTTP POST by other plugins when a request is send to wp-comments-post.php. This causes WP Mollom’s CAPTCHA form and subsequent checks to malfunction.

The good news is that Will Norris of WP OpenID is aware of the problem. The development version does contain a fix for this problem and is actually compatible with WP Mollom. You can check out a copy from the DiSo Project’s Google Code repository if you really want OpenID and Mollom support on your site.

As always: refer to the documentation regarding all the in’s and out’s.


Mollom vs Netsensei

Over the past days, there were some hiccups with WP Mollom on my blog. Comments that were kept back and the likes. I had an little bit outdated version of the plugin running. Of course, over the past weeks since 0.5.1, I received quite some feedback. And over the weekend, there was a small adjustement in the Mollom API.

So I took action and during my daily commute from and to Leuven, I took the time to fix things up. I’m now running a test version of 0.5.2 on my blog. I improved the SQL yet again (thanks, Ben!) and a bug in the CAPTCHA form.

So drop a me line in the comments and if things don’t work out, don’t hesitate to contact me!

If you’re really willing, you can always give the development version a go. It contains all the latest changes and updates, but might not be so stable.


WP Mollom featured on

The plugin got featured over the weekend on It has now it’s own place in their downloadsection. How neat is that!

Mollom Featured

During my four days of relaxing at Rock Werchter, I received some much needed feedback from you. Over the weekend, I realized there are still an issue or two which needs taking care of. There was also a minor change in the API documentation which needs implementing.


WP Mollom “Holiday Edition” 0.5.1

I just released a minor update of WP Mollom with some bugfixes. This is the changelog:

  • Fixed: minor issues with the Captcha not being rendered correctly
  • Added: mollom_manage_wp_queue() function which adds Mollom support to the default comment administration panel
  • Improved: updating from a previous version is now more robust

More info and download on WordPress Extend


Mollom 0.5.0 out now!

It took me the better part of June to prepare a new version of Mollom. But today I released version 0.5.0. You can download the package here.

So, a lot has changed since version 0.4.0…

  • I rewrote the SQL after this suggestion on Pressed Words. Mollom now uses it’s own table to store all it’s data instead of fumbling with the WordPress data model.
  • I fixed the incompatibility issues with WordPress OpenID plugin.
  • Improved the error handling.
  • Status messages are now a lot more verbose
  • Added the mollom_moderate_comment($comment_id) tag for use in templates and themes. This allows direct moderation of a comment without first having to go to the dashboard.
  • … a lot more!

So download, go forth and protect your blog against those vile spammers through Mollom!


It’s out!

Well, nothing more to say for now: it’s out. You can download and play with it. It’s a first beta version so beasts can roar it’s head if you have a heavily customized wordpress installation with loads of plugins. Please, drop me a line with all your feedback, code, concerns, requests!

A big thank you to Dries, Benjamin, the testers and all those people that supported me!


Release of WP Mollom

So. I scheduled a first public beta release of my Mollom plugin somewhere tonight (CET/UTC+1). The plugin runs quite stable on my own weblog and spam is happily being blocked. I didn’t receive major complaints from testers or users on my own blog in the past week. Yesterday, I cleared the code with Dries who took a glance at the major functionality.

Of course, it wouldn’t be a first beta release if there aren’t still some irks lurking around in the code. This morning, Leo Arias mailed me that the plugin won’t work together with the WP OpenId plugin. Having toyed with my own OpenID implementation for WordPress, I’m not a great proponent of this technology. The way you have to design a plugin implies using several shortcuts. I’m not going to push my release back now, though. I will try to fix this issue in the next release.

My code will also be thoroughly reviewed by the Mollom people.

Thanks to all the testers and those who just listed to become a tester!


Mollom workflow

Dries made me a nice diagram on the process flow of Mollom. It shows the order in which your Mollom programmable should excute the different API calls.

Note: You should never try to save data to the database before all the Mollom checks including the CAPTCHA have been cleared. The idea is that through the challenge-response flow, the contributor has to validated him/herself as a human instead of forcing the administrator to make an educated guess.

As for the plugin itself: I noticed several small booboo’s myself over the weekend and sorted them out. A public release should be very soon-ish.


Statistics for Mollom

Because numbers and graphics can express so much more then words: a visualisation of how Mollom is protecting my blog against spam. I’ve been testing my plugin on and off for the past 2 weeks on my own blog.

Mollom for WordPress

The new beta release is almost ready by the way. Just need to pack and ship it to the testers tonight. So here’s what’s new:

  • Decoupled moderation from the CAPTCHA test. Moderation is now optional. If you fail to complete the CAPTCHA, your comment is not saved to the database.
  • Major improvement of the error handling. I dove into WordPress’ error handling. I think people should make more use of the WP_Error class in combination with wp_die(). Maybe I’ll do a small item on that one.
  • I added trackback support. Of course, displaying CAPTCHA’s for trackbacks isn’t going to work. So after discussing it with Dries, instead of trying to solve the CAPTCHA problem, those trackbacks are blocked as well.

As things get finalized, I’m thinking about doing a very first public beta release sometime next week. I had very few feedback from testers so far in fact. If people are still interested in joining me for a last spin: drop me a line!