Opened 2 months ago
Last modified 2 months ago
#62703 new feature request
Do not allow to leave a comment that contains prohibited keywords
Reported by: |
|
Owned by: | |
---|---|---|---|
Milestone: | Awaiting Review | Priority: | normal |
Severity: | normal | Version: | |
Component: | Administration | Keywords: | |
Focuses: | administration | Cc: |
Description
Thousands of websites face spam and hacking attempts through comments. To combat this, various moderation, validations, captchas, plugins, etc. are involved. Unfortunately, such solutions do not always cope and load the website using external scripts, etc.
Proposal to improve WordPress security:
Currently, on the page /wp-admin/options-discussion.php there is a block "Prohibited comments keywords" it acts as an automatic moderation for sending to the trash (i.e. comments are still accepted, so the trash can can contain a lot of spam).
I propose to modernize this function, namely to allow administrators to choose what to do with comments that contain prohibited comments keywords (radio button):
- send to trash
- do not accept (when clicking on submit button, perform system validation, if there is a word from the list, then display a notification to the user that the comment is prohibited)
Thanks, @tunyk, for the suggestion! I think it's a great idea to prevent spam and hacky comments from entering the system rather than accepting and then trashing them.
I believe the change would involve extending
wp_check_comment_disallowed_list()
to either continue with the current trash behavior or return an error for blocking the disallowed message, whichever action is preferred by the admin.We can add a condition here to block the posting of disallowed comments
if ( $blocking_disallowed_comment ) { return new WP_Error( 'comment_disallowed', __( 'Sorry, this comment cannot be submitted as it contains prohibited content.' ), 403 ); }
I do invite discussions if there are better ways to handle this.