The last week or so I've been getting slammed by "Nice site" blog comment spam that just wants a link to some dubious Web site. I'd turned on "approval for everyone" but that just means that it doesn't show up on the site--I still have to delete it and it got to be a pain.

In an effort to fight spam while keeping my site as open to feedback as possible, I've added a CAPTCHA to the comment page. The package I'm using is SCode (Movable Type). It's not too sophisticated, but it works and I imagine it will ward off the big offenders for now.

The hardest part of installing it was getting the GD Library built. It's got 4 or 5 dependencies and then I had a few other problems which were the result of stupidity on my part (using an older version of the library I had lying around). After that, it was as easy as installing and configuring most MT plugins.

As I was working on this, I began to think of a CAPTCHA as a very broad form of authentication--in this case letting people broadly identify themselves as "human." That's all I care about and so making people log in would be asking for too much specificity in their identity parameters.

Feel free to try it out.


Please leave comments using the Hypothes.is sidebar.

Last modified: Thu Oct 10 12:47:19 2019.