Yesterday, I installed an addition to the first line of defence against comment and trackback spam that Akismet is so successful at.
That addition is reCAPTCHA, a plugin for WordPress (with versions for other platforms), that adds a step to commenting – one that’s increasingly common on other platforms, too – which requires you to type two words from distorted text, just like the example shown in the image here, before you can submit a comment.
Note that it doesn’t prevent trackback spam, only comment spam that requires someone to type something on your blog.
Detailed info about captchas and how they work is in this Wikipedia entry. But, simply put, a captcha is a tool that can tell whether the typer of text is a person or a computer. As it’s a challenge-response system, and pretty random, computers generally can’t pass the test.
Akismet is very good indeed at trapping spam, both comments and trackbacks. But I thought I’d try this as well to be more preventative, ie, stop the stuff even getting here.
So this plugin should prevent the volumes of computer-generated comment spam so prevalent these days from actually getting to this blog in the first place.
Not sure if it actually works, though.
Take this spam comment, for instance:
This was one of about 50 trapped by Akismet overnight last night, after I installed reCAPTCHA.
I didn’t expect to see stuff like this.
Either the spammer manually typed everything and also passed the challenge-response test, or it was done by a spambot and so got through the defence (but still trapped by Akismet).
I actually don’t know. Maybe spammers do employ armies of humans out there somewhere who really do manually type in this type of crap.
Is any kind of captcha worthwhile, I wonder? One reason I like reCAPTCHA is that it doesn’t require anything else installed on my server, unlike many others which need at least special fonts installed.
Plus I do like the model – when you type in the required words, that helps digitize books in the public domain. Learn more from the reCAPTCHA site.
So what do you think? Is this worth running on my blog? Does it make leaving comments more difficult for you?
Leave a comment :) Thanks.
[Update 21/9/07] I’ve de-activated this plugin and reverted back to Akismet. Far too much crap getting through to the comment moderation queue that I’m certain Akismet would have stopped in its tracks and marked as spam. I just don’t see a benefit from reCAPTCHA.