WP Captcha-Free
Description: WP Captcha-Free blocks comment spam by using a combination of time-based hash (a.k.a. Time Based Tokens, TBT) and JavaScript (AJAX). When a comment is posted the plugin validates a hash based on time (and some other parameters). Comments posted via automated means will not have a hash or will have an expired hash and will be rejected. Unlike using a captcha, this does not place any burden on the commenter.
Additionally, WP Captcha-Free uses ajax to get the hash only when the form is submitted instead of adding it statically to the page (which is cached by caching plugins). This adds another layer of security and makes it compatible with caching plugins like WP-Cache.
Features:
- Blocks automated comment spam and ensures that your commenters are human.
- Works without inconveniencing visitors with CAPTCHAs, challenge questions, etc.
- The plugin requires no database access and adds almost zero overhead.
- The plugin works out of the box without any configuration or setup.
- Compatible with all cache plugins, including WP-Cache.
- Doesn’t require editing any .php files.
Installation:
Just download the .zip file and upload the file ‘captcha-free.php’ to your ‘/wp-content/plugins’ directory. Now login to the Wordpress administration area and activate it under the “Plugins” section. That’s it! WP Captcha-Free will start blocking comment spam behind the scenes.
Rating:
(18 votes, average: 3.72 out of 5)
Size: 2.6 KB
Downloads: 1072 [Download Now]
February 21st, 2008 at 6:52 pm
Ok cool deal
February 25th, 2008 at 10:03 am
Grabbed the plugin and testing it on a new site now. Using the latest version of WP. SHall give you a shout should i run across any problems.
Regards
Off-it
March 1st, 2008 at 12:26 am
I wonder how you can assume a result made by computer-generated computations (using JavaScript) ensures a comment is written by a humain being. All your plugin does is to ensure one uses a browser to post a comment. Say I develop a Firefox plugin to spam your blog. Your plugin won’t be able to stop it.
Moreover, what happens if a visitor has deactivated JavaScript in his browser? What would happen if the user is behind a proxy server? I guess visitors won’t be able to comment in both cases…
March 1st, 2008 at 12:57 am
You are right about the first part. Yes, someone can use a browser to spam. But do spammers do that? Won’t it considerably slow them down? No plugin is foolproof. Spam and anti-spam tech evolves constantly. For *now* this works.
Yes, it clearly does require JavaScript. But, about 94% users have JavaScript enabled as of Jan 2007 (source: http://www.w3schools.com/browsers/browsers_stats.asp). That number is likely more now if you notice the trend. For me its a choice between using a captcha and inconveniencing 100% of my visitors or <6%.
No, proxies don’t matter (unless the proxy filters out JS).
BTW, thanks for your comments. If you have any suggestions please do let me know.
March 2nd, 2008 at 5:33 am
It looks like you got your idea and the name of your plugin from WP-SpamFree. Also you have copied most of the text in the bullet points of your description from that plugin as well-almost word for word. You need to be careful because that is a DMCA violation. With GPL you have to give attribution for code,but you can’t copy marketing text or descriptions.
March 2nd, 2008 at 11:33 am
> It looks like you got your idea and the name
> of your plugin from WP-SpamFree. Also you have
> copied most of the text in the bullet points
> of your description from that plugin as
> well-almost word for word.
Not true, in fact I first saw WP-SpamFree after I had completed the plugin and was writing a description (not very good at documentation, I was looking what other similar plugins had written). After reading WP-SpamFree’s feature list I couldn’t write mine another way since both plugins essentially offer the same advantages. But you are right, that’s a terrible thing to do in the age of DMCA (though I am not a US citizen
) and I’ll reword my feature list in the next update.
The idea is not really the same either. My plugin uses time-based hash (generated on the server side) and JavaScript (AJAX) while WP-SpamFree uses JavaScript and cookies. If you look at the code I am sure you’ll find no similarities there either.
Anyways, thanks for looking at my plugin and I hope you’ll still give it a try. Criticism (constructive or otherwise) is always welcome
.
March 7th, 2008 at 2:19 am
Nice plugin
March 8th, 2008 at 7:30 pm
Hi!
Your plugin is very promising, but it doesnt work together with Better Comments Manager.
Could do you make your plugin compatible with it? (maybe make some check about if the user is logged, and if logged no need to make hash check).
March 9th, 2008 at 1:59 am
oh thx 4 plugin
March 10th, 2008 at 9:09 am
Hi there, I’d love to use your plugin but unfortunately it stopped all comments from comming in. Once the user clicks “submit comment” it says “please wait…” and nothing happens. The theme we are using is wp-magazine.com
thanks!
March 10th, 2008 at 9:36 am
Hi Sandra,
Thanks for letting me know. Can you enable the plugin on your blog for a little while so I can see what’s going on?
March 10th, 2008 at 12:30 pm
Hi,
I had not uploaded the .php file right into the plugin directory. Ooops! IT works now and it’s a beauty! Thank you soooooo much!
March 21st, 2008 at 5:51 pm
Hi There,
I installed the plugin and noticed that my comment spam levels dropped to zero. This is great! However, I tried to post a comment on one of my posts, in response to some elses comment, and noticed that the form would not sumbit. When I clicked on the “Post Comment” button, it turned into a “Please wait” and then just stopped. The comment never got posted. I tried several times with the same result. When I de-activated the plugin I could post comments again.
Any idea what might be causing this? Anyone else experienced a similar issue?
Thanks,
Stephen
March 21st, 2008 at 10:41 pm
Stephen,
You may have uploaded the captcha-free.php file to a sub-directory of your plugins folder. Please upload captcha-free.php directly to /wp-content/plugins folder. Let me know if this works for you.
March 27th, 2008 at 3:32 am
New to blogging and gutted to have spam comments - got my hopes up that I had some readers! When I found your plugin via Wordpress the hopes have gone up again. I will let you know if there are any issues. Thanks for your time and know how.
April 2nd, 2008 at 7:22 am
Would be cool to see this work on the user registration form.
thanks.
April 10th, 2008 at 3:46 am
Stephen,
I bet you are running WP 2.5
I had captcha free running on 2.3.?
After upgrading to 2.5 i had the same as you. I gues captcha-free doesnt work on 2.5
April 11th, 2008 at 2:32 pm
Thanks for a great plug-in!
April 19th, 2008 at 12:59 pm
nice work
April 22nd, 2008 at 7:48 am
Hi,
I keep getting the error: Invalid Data: Please go back and try again.
I figure it has to do with the code below, but I can’t seem to make it work. It does work for some visitors but not others.
// Validate the hash
add_action(’preprocess_comment’, ‘cf_comment_post’);
function cf_comment_post($commentdata) {
// Ignore trackbacks
if($commentdata[’comment_type’]!=’trackback’) {
// Calculate the timehash that is valid now
$timehash=timehash($commentdata[’comment_post_ID’],time());
// Calculate the timehash that was valid 1 hour back to give some cushion
$timehash_old=timehash($commentdata[’comment_post_ID’],time()-3600);
if($_POST[’captchafree’]!=$timehash && $_POST[’captchafree’]!=$timehash_old)
wp_die(’Invalid Data: Please go back and try again.’);
}
return $commentdata;
}
April 22nd, 2008 at 11:49 am
Maybe you can update your entry/plugin to show if/make it wordpress 2.5 compatible.
April 25th, 2008 at 12:16 pm
Simple suggestion for future updates: the tag containing “Spam protection by WP Captcha-Free” should have an id attribute.
Anyway, nice plugin. Seems to be working well for me.
April 29th, 2008 at 11:24 am
I installed this the other day, and it’s fabulous. I’m getting more comments than I was with the often faulty, always irritating captcha software I was using before. Just one thing, though. People who use AOL’s browser are getting an error when they try to post: Invalid data. Please go back and try again. Any thoughts I can pass along to them, or are they SOL?
May 2nd, 2008 at 4:24 pm
Thanks. This is great.
May 4th, 2008 at 11:22 am
really great
May 5th, 2008 at 5:20 pm
hi there .thanks for plugin:
Does anybody know if tis script is compatible with Wordpress 2.5.1?
Thanks in advance for any help on this!
best regards
May 7th, 2008 at 3:38 am
WP Captcha-Free is not compatible with Wordpress 2.5, yet.
May 10th, 2008 at 1:58 pm
Thankyou.. i will try this plugins..
May 10th, 2008 at 1:59 pm
@iDope, yes .. true..
i’m not read your las comment… sorry.. but i will wait your next version… 
May 12th, 2008 at 12:37 pm
So this doesn’t seem to work anymore.. I don’t see the captcha and it’s not asking me to confirm any image….
May 13th, 2008 at 10:44 pm
great idea and work! thanks
May 14th, 2008 at 5:24 am
Is there any img verification for posting?
May 14th, 2008 at 5:40 am
The aim of this plugin is not having to use image verification.
May 30th, 2008 at 9:16 pm
Mmmm…. que mal ya no funciona en Wordpress 2.5
June 17th, 2008 at 6:17 am
When people try commenting on my Wordpress MU site all it does now after you click submit comment is to change that button to “Please wait”. So no new comments can be added.
100% spam free though
June 20th, 2008 at 11:00 am
Work in new version WP ?
June 28th, 2008 at 7:37 am
Work PERFECT !
July 8th, 2008 at 9:49 am
@Thomas: Please make sure you copy the “captcha-free.php” file directly to the wordpress plugins folder and not to a subfolder.
August 1st, 2008 at 4:20 am
This is a great plugin
August 7th, 2008 at 7:51 pm
Wordpress: 2.6
Theme: Redie 3.0 by Steve Arun
I have installed your plug-in and I get the following message after I try and comment on a post:
Invalid Data: Please go back and try again.
I have it disabled currently but would love to give it some use… spam bots are so annoying…
Thanks!
August 8th, 2008 at 3:34 am
@Jason: Are you sure you copied the captcha-free.php file to /wp-content/plugins directly and not to a sub-folder?
August 8th, 2008 at 11:57 am
@iDope: Thanks for the quick response. Yes I am sure that captcha-free.php is in /wp-content/plugins and not a subdirectory. I am assuming you are considering the wordpress directory the root? I deleted and just now redownloaded from this page and uploaded. Still nothing though. I get the same error.
permissions are 644 so I don’t think that is any issue. there isn’t any modifications to the template code that needs to be done, is there? (As I do not have a default template)
Leave a Reply
Theme Search
Themes
Wordpress Themes & Layouts is proudly powered by WordPress
Entries (RSS) and Comments (RSS).
22 queries. 0.669 seconds.