Skip to main content

I’ve added Captcha to the Comment Form

I’m sorry to have to announce this, but I’ve added a captcha to the comment form.

Due to an overwhelming and unending amount of spam, I find myself forced to add a captcha in the hopes it will filter out the bots. I don’t like captcha and I’m sure you don’t like it either, but I am getting so much spam each month that it’s either add a captcha or disable the comments entirely (or switch to a comment platform like Disqus or Livefyre, but I would rather close the comment section than deal with those folks).

According to akismet, this blog got 559,815 spam comments in December 2013. That is 10 times the amount of spam I had to deal with in December 2012, and there is no sign that the onslaught will abate any time soon. January promises to be just as busy; I’ve already had to deal with 341 thousand spam comments.

So at this point I cannot put it off any longer. Sorry.

Similar Articles


Mackay Bell January 18, 2014 um 10:28 pm

Just tried it. Doesn’t seem to difficult to deal with.

WT (Tom) Sharpe January 18, 2014 um 10:30 pm

That’s a very simple Captcha. I was expecting those numbers and letters done up in twisted shapes. Let me know how successful it is at stopping spam.

Nate Hoffelder January 19, 2014 um 7:30 am

This morning I had only 13 spam comments waiting for me to review, and not 6 hundred or so. I’d say it’s very effective.

kevin January 18, 2014 um 10:45 pm

Seems easy to use. However, since I often use Disqus to comment, why did you say that "I would rather close the comment section than deal with those folks"?

Nate Hoffelder January 18, 2014 um 10:55 pm

I don’t like LiveFyre (sp?) because they think it’s cool to spam my twitter account when I leave a comment when signed in with that account.

And I don’t like Disqus because this service will let you login with a Google/Twitter/FB account and then requires you to log in a second time with a Disqus account. it’s frankly stupid.

Scott Tuttle January 18, 2014 um 10:51 pm

you should use that captcha they use to convert old books to ebooks. seems fitting with the theme of the site.

Nate Hoffelder January 18, 2014 um 11:09 pm

I have a lot of trouble with that one, so I’d rather not add it to my blog.

Name January 19, 2014 um 5:52 am

I’m glad you’re not using that one (is it called reCaptcha?). From my experience, it is tied to Google and does not work for me. I like your uninvasive solution. Should that cease to work at some point (when automated bots start to get smarter) you should switch to some sort of custom sematic captcha. I like the approach that’s seen in the NetBSD bug report form (look at their captcha at the bottom):

Howard Lee Harkness January 18, 2014 um 10:57 pm

I recall a spam trap method that involves a checkbox that only a spambot can detect, and is tricked into either checking or unchecking it. I’ve thought about using something like that on my own blog, but I’m not (yet?) lucky enough to have enough traffic to worry about things like that.

Nate Hoffelder January 18, 2014 um 11:04 pm

Now that would be useful. I’m going to go looking for it.

Sarah Ettritch January 19, 2014 um 7:38 am

It’s called GASP (Growmap Anti Spam Plugin), and I used to use it on my sites. At some point, it stopped working. Too many bots were getting through. Check it out anyway, because when it worked, it stopped 99.9% of bots in their tracks. Maybe the developer has fixed it. BTW, I’m now using the same plugin you’re using.

Al the Great and Powerful January 19, 2014 um 12:19 am

I can’t even see Disqus (Ghostery kills it), so I support yout CAPTCHA solution.

Greg Strandberg January 19, 2014 um 12:37 am

Bummer, but I guess you’ve made it to the big time, huh?

ucfgrad93 January 19, 2014 um 1:08 am

Well, that stinks that you had to do this but it is understandable.

Josh January 19, 2014 um 4:39 am

Hey Nate,

We invite you to use our sweetCaptcha 😉
If you have any questions please let us know.

Have a great week!

Name January 19, 2014 um 7:21 am

Please don’t advertise a captcha service that does not even work. At least, if was supposed to demonstrate your captchas, it did not work for me, since it did not even show a captcha. Please test your own service first with a browser that has JavaScript and cookies disabled and third party domains blocked (yes, this includes servers that you don’t control yourself and from which you load unchecked JS libraries) before you consider asking anybody else to try it out.

Fritz G January 19, 2014 um 10:35 am

That’s a fairly simple captcha to use; mine shows a simple addition problem. The worst are those contorted letters that look like they were drawn by Picasso on LSD. By the way, I also use Ghostery, but make an exception in it for Disqus to function when I want it to.

CJJ January 19, 2014 um 10:53 am

This is very easy to use. Good call and understandable given the spam numbers you reported.

dave January 19, 2014 um 1:14 pm

Nate, it’s painless to use, but what in the world is the point of all that spam – is a small family
of botnets heading nonsense your way or what?

Nate Hoffelder January 19, 2014 um 6:11 pm

In a word, yes.

I’m also on someone’s hitlist for hacking/DDOS. Remember in May/June 2013 when my blog went through about a week of being inaccessible? That was a small botnet trying to attack my blog.

That bot net is still an issue, too. Every so often they change their IP addresses and attack again.

AD Starrling January 19, 2014 um 5:36 pm

Still here 🙂

Dan February 18, 2014 um 8:28 am

Seems quite flaky. Sometimes rejects an obviously correct answer.

Nate Hoffelder February 18, 2014 um 8:34 am

This isn’t the first time I have received a complaint. I’ll go look for a replacement.

Write a Comment