Over the last few days, I’ve installed a few WordPress plugins, both here and at the radio club’s website. One is Akismet, which as thus far done a wonderful job of snagging spam comments posted here, and not even emailing me about them. They never made it to the pages anyway, because new accounts have to have one approved comment before they can post; but now I don’t have to even see the emails about them, which is nice.
The other plugin is called PHPEnkoder and is related to email. Normally, you’d see an email address like this: Email me! The problem with these links is that they can easily be harvested – a script can read the “mailto” part of the link, and know to expect an email address. There’s ways around that, like using Unicode characters to display the address in a browser but require something to decode them first, but those are easily foiled with a little bit of scripting and not computationally intensive. Instead, PHPEnkoder works by creating a self-referential JavaScript bit that must be executed on the browser in order to display the link. If you have JavaScript turned off, it just shows up with a tag to say “email hidden; must have javascript enabled”. But it keeps spammers away because not only do they not really use JavaScript in their harvesters (it’s CPU intensive), but also because the code itself takes time to execute. Not very long for a single person at a browser, in fact the page where I first wanted to set this up (shown here) only takes an extra second to load. But if a spammer had to load a full Java implementation into their program, and deal with all that CPU load over time.. it’s not worth it to them.
So it’s not perfect.. but it’s much better than it was before.