Please sir, can I have more?

A poor urchin goes up to the headmaster, “Please sir, can I have more comments?”
The headmaster looks down from his perch and with a grimace says, “Not before you show me your cookie!”

Well, the poor lad never did get any more comments. He didn’t have the right cookie, but you can. Just grab my Cookies For Comments plugin and anyone who leaves a comment on your blog will need the correct cookie. That will stop quite a bit of comment spam dead in it’s tracks.

It’s the first release and fairly simplistic, but it should give some comment spammers a headache for at least 10 minutes. It’s about time they upgraded their spamming tools anyway. According to my log file, it had stopped over 18,600 spam comments in the last week or so. The rest got handed to Akismet and it stopped several thousand more. They’ve been busy haven’t they?

So, should you use this instead of Akismet? Not a chance. This will only stop the brain dead comment spammers who use automated bots to post to the comment form. Trackback and pingback spam and spammers who either use poorly paid human slaves or browser based user agents will defeat this.

If you use a caching plugin such as WP Super Cache make sure you clear the cache after enabling this plugin. Also, I’m not sure what will happen with those plugins that merge CSS files together.

Thanks Dan for the idea!


The most prolific commentators of June 2007

Short and sweet, the people who left the most comments on my blog in June 2007 are:

  1. Robert
  2. Dankoozy
  3. David Precious

Thank you guys for participating!

It doesn’t take much to get to the top of that list, but I will delete or ignore comments from people who I feel are just taking the mickey and leaving one or two word comments!


Please type my name

I just had a thought after filling in an anti-spam keyword in a comment form. Sometimes my thoughts are interesting but this isn’t one of them. Justin Mason asks you to type his first name as a means to defeat spam bots. I bet if I did the same, even going so far as writing my name next to the box people would misspell it. “donnacha”, “donacha”, “doncha” and “dunacha” are all variations I’ve seen. You don’t want to know how Sky Digital butchered it!

For extra fun I could have an audio clip saying my name instead. I might not ever receive a comment ever again!

Jacinta and Adam came home from the hospital yesterday, my brain is lightly fried, with chips and tomato sauce. Thank you so much Mairead for making us dinner and minding Adam so we could get a short rest! Aren’t family great?


WP Plugin: Import your Flickr comments

I have had a plugin running on my photoblog In Photos for quite a while now that imports comments on my Flickr stream into my blog posts. It prefixed “Flickr:” to the username and linked back to the Flickr comment.

Due to overwhelming demand (two people asked!), I cleaned up the plugin a bit and put a configuration page on it and called it the Flickr Comment Importer. There are a few things to consider if you want to use this plugin but it’s straight forward to install and configure and it’s all documented on the plugin page.

Download it now!


Knock! Knock! Hallloooooo?

Is anyone out there? Next time you come across a blog post without a comment, take a few minutes to stop and chat and leave some feedback. You’ll make someone’s day, I promise.

Automattic Web WordPress

Is Flickr under attack by spam?

Has anyone else noticed an increase of spam comments on Flickr lately? I noticed my first spam comment there only last week, complained about it, and the comment and user were both deleted shortly afterwards. I thought nothing more of it.

This morning I got an unwelcome shock when I checked my Flickr comments through Bloglines. More spam comments. There’s a screenshot below. When I clicked through to the photos in question both comments had been deleted but later on another spam comment appeared and I now suspect any comment left by users with usernames starting with “a” with a mixture of upper and lower case characters and digits. Maybe it’s time they invested in an Akismet license for Thanks Lloyd for the reminder!

Continue reading “Is Flickr under attack by spam?”


Caching WordPress with WP-Cache in a spam filled world

WP-Cache and spam. Who’d have thought they were related? Unfortunately they are because when your blog is spammed WP-Cache doesn’t check if the comment is legitimate or not and deletes cached files related to the spammed post.

I noticed this happened a lot on In after I added thumbnails to the top of the page. The thumbnails change when the page is regenerated but I noticed that they would change much more frequently than expected. After some debugging I realised that comment spam was invalidating the WP-Cache cache.

How do you fix this? Here’s a small patch that can be applied to wp-cache-phase2.php, version 2.0.19 (and probably lower) that checks if the submitted comment was moderated or not. You’ll also find wp-cache-phase2.txt below. Just rename that to .php and copy it into your plugins/wp-cache/ folder for it to work.

Remember to update WP-Cache too. Despite last year’s date on the above post, it was updated as recently as last month!


  1. wp-cache-phase2.diff
  2. wp-cache-phase2.txt

Patch will be on it’s way to gallir in a few moments but if you’re using WP-Cache this could be a big help to your site. (and if you use Ultimate Tag Warrior I hope you’re using my patch?)


Brians Latest Comments Cached

After the success I had with Ultimate Tag Warrior I turned my eye to another popular WordPress plugin that I use: Brian’s Latest Comments.

This plugin lists the latest comments on your blog and I wanted to squeeze every bit of performance out of my server so I guessed that caching the output of the plugin would save several queries for every page generation. Comments are cached for an hour. The cache isn’t invalidated by a new comment so don’t worry if the comments list doesn’t update immediately after a comment is made.


I used the same cache directory that WP Cache 2.0 uses, wp-content/cache/. You’ll have to create that directory and make sure the webserver can write to it. The simplest way of doing that is by running the command chmod 777 cache. Download the file below and copy it into your plugins directory. If you’ve never installed the original plugin you’ll need to download it and read the install.txt to find out how to use the plugin.


brianslatestcomments.txt – rename to .php and copy into your plugins directory.