WP Plugin » SpamKit Plugin 0.1 - Time-Based-Tokens to Fight Spam
This is a minor release of SpamKit Plugin to address an easy-to-fix problem where Trackbacks from the same blog or server get treated as spam because they don’t include the time-based token. This is checked into Subversion over at WP-Plugins.org and you can download the new version here spamkit-plugin.php.
Changelog:
Added a check in spam_action_pre_comment_approved to compare the REMOTE_ADDR with the SERVER_ADDR, if they match it allows the comment to bypass time-based token checking. However this could be abused if another web application on the server is exploited allowing an attacker to post comments apparently from this server. Then again if someone goes to all the effort of expoiting a web application comment-spam is probably low on their priorities.
About this entry
You’re currently reading “WP Plugin » SpamKit Plugin 0.1 - Time-Based-Tokens to Fight Spam,” an entry on Weblog of Michael Cutler
- Published:
- 23rd January 2006 / 3:01pm
Related Entries
- WP Plugin » SpamKit Plugin 0.2 - Time-Based-Tokens to Fight Spam
14th February 2006 - SpamKit Plugin moved to WP-Plugins.org
3rd January 2006 - SpamKit
8th March 2006 - WP Plugin » SpamKit Plugin 0.3 - Time-Based-Tokens to Fight Spam
15th February 2006 - WP Plugin » SpamKit Plugin 0.0 - Time-Based-Tokens to Fight Spam
6th December 2005
No comments
Jump to comment form | comments rss [?] | trackback uri [?]