Wp hashcash plugin for WordPress?




I recently did a one-click install of WordPress 2.8.1 and the Dreamhost install included the WP Hashcash plugin: http://wordpress-plugins.feifei.us/hashcash/

I’ve now got version 4.3 installed – may have upgraded from the Dreamhost install.

I have it activated, my theme has
just before the tag and

do_action(‘comment_form’, $post->ID);

just before the tag in the comments.php file.

However, I can’t see that the plugin is doing anything other than putting its tagline below the form. [I registered as a new user and posted a comment – there wasn’t any challenge of any sort to that.]

Since this “comes with” the Dreamhost install, I thought I’d check here to see if anyone has other info. [The forum on the plugin site has an unanswered question about how/where to put the plugin hooks.]



It sounds to me as if you don’t understand how it works.

“WP Hashcash is an antispam plugin that eradicates comment spam on Wordpress blogs. It works because your visitors must use obfuscated javascript to submit a proof-of-work that indicates they opened your website in a web browser, not a robot. If the javascript check fails, WP Hashcash now gives you three options; it can either put the comment into moderation (default), put the comment in the akismet queue, or delete it.”

The correct way to test it is turn JavaScript in your browser off and then visit your blog and try to post a comment.

This is similar to checking if a visitor has web site cookies. On the first hit you give them a cookie, and on the next hit you check to see if they give the cookie back. In this case on the first hit you ask their browser to run some JavaScript code, and on the next hit you see if the code was run or not. In either case the person visiting the site doesn’t do anything other than enable or disable the cookies and JavaScript settings of their browser.

So that’s how it works. Have you tried turning JavaScript off in your browser?

Customer since 2000 :cool: openvein.org


Sorry if I wasn’t clear. Yes, I agree that I don’t understand how it works – or even what it’s supposed to do over and above Akismet (which has worked well for me).

I did some quick tests with Javascript turned off.

Somewhere I got the impression that it would handle registration spam - but I was able to register with Javascript turned off so I guess I’m mistaken. I also read “submit a proof-of-work” to mean something like respondign to a Captcha prompt but it must mean something different (and invisible to the user) or else I don’t have it installed correctly.

Thanks for the comments!