Version 2.10.0 beta released! | Peter's Custom Anti-Spam for WordPress | Forum
Back to the custom anti-spam plugin page
Log In
Home
Topic RSS
10:26 pm
Offline
Version 2.10.0 will add anti-spam protection to the WordPress registration form and a corresponding blacklist for registrations.
To test the registration form protection, set $cas_reg_protection equal to "true".
Note that the beta only runs on WordPress 2.1 and higher.
4:44 am
I just wanted to say thanks and keep up the great work. Ive been away from WP for a while but installed it today and added your plugin (2.10.0 beta). No really traffic yet since its a beta website and not so many ppl know about it, but im sure this is a great addon/plugin when it will get more traffic. Maybe you can add a howto, how to change your wp-login.php name to keep som automated bots away. I think ive managed to do it. Correct me if its not done properly.
You need to change all places where wp-login.php is to ex. othername.php.
do it in following files..
wp-login.php
wp-admin/admin-header.php
wp-includes/general-template.php
wp-includes/pluggable.php
11:30 pm
Offline
Thanks for the tip! WordPress could have made it easier had the name of the login file been easier -- there's 19 wp-login.php references in wp-login.php itself...
However, wouldn't it be better to rename wp-register.php instead? After all, the bots can't cause as much trouble if they can't even get an account...
12:49 am
hmm didnt think of that :) but.. isnt that just a redirect to wp-login.php?action=register ?
im using ultraedit editor and if i choose "replace" wp-login.php.. its done within a couple of seconds.
Edit: found of course wp-login.php in comments.php
12:58 am
Offline
Ah, of course. You are correct in that it just redirects.
It is a good tip. I should lump it together with renaming wp-trackback.php and wp-comments.php, although they are probably a lot less effective at blocking comment spambots than renaming wp-login.php is at blocking account registration spambots. The reason is that the comment spambots got smart and started looking at where the comment form posts to. I don't think the registration spambots have a way of finding out what you've renamed wp-login.php to unless you link to it :D
4:41 am
cheers! its friday :)
your update to 2.9.7 .. does 2.10 beta have to be fixed to ?
OT: could see your a canuck fan .. the Sedin brothers lived and played in a town not so far away from me, before NHL :)
3:05 pm
Offline
I updated the 2.10.0 beta to reflect the change in 2.9.7... I guess I should have called it beta2, but I guess that's the kind of mistake that non-developers like me make :P
Yeah, the Canucks are my hometown team! I guess that makes them sort of your hometown team by association? Hehehe...
10:56 pm
ok .. ill redownload 2.10 then..
No, my city has a rival team :)
My team:
http://www.skellefteaaik.se/
Maybe you know this player? Lee Goren
http://www.skellefteaaik.se/sp.....?number=37
Sedin, Naslund, Forsberg etc. team
http://www.modohockey.se/
5:46 pm
Offline
Yeah, Lee Goren, he was a Canuck before! I'd wondered what happened to him.
I've now added your tip to this page:
http://www.theblog.ca/wordpres.....e-comments
However, consider this: if you access /wp-admin, it automatically redirects to wp-login.php. So if you change all references to wp-login.php, spambots can still figure out that address by accessing /wp-admin. What would be effective is to rename only the references that affect the login functionality, but allow it to break the /wp-admin redirecting reference...
3:33 am
true true..
cool :) hope i dint miss som places where wp-login.php is
Tip: try bbpress .. think its really great ;) http://bbpress.org/
