Update "Comment Blacklist" spam terms to manage spam in forms and comments
Updates the “Comment Blacklist” in Settings / Discussion with a list terms from a remote or local source. By default it get’s the data from Github (“wordpress-comment-blacklist“) by Grant Hutchinson) but you can also get them from any URL or from a local blacklist.txt file.
This plugin is an enhanced version of the plugin Comment Blacklist Manager. We decided to create this enhanced version of the plugin, because we wanted to be able to add blacklists without using filters and directly from the WordPress administration. You can still use a filter to modify the blacklist sources if that is more convienient for you. And we also wanted to have more information about the plugin in SETTINGS / DISCUSSION; for example when the blacklist was updated and when it will be updated next time, when the blacklist sources were updated, etc.
You can configure three sources for your blacklists:
And you can use the filter cblm_sources
to replace all the blacklists or to add more. If you replace all blacklists with the filter, the settings done in the WordPress administration will be ignored. We decided to keep the same filter as used by “Comment Blacklist Manager” to make it easy to switch between both plugins.
Please note: After the September 2023 update only users with administrator privileges can use this plugin. If you’re not an admin you will get following error: “You do not have sufficient permissions to access this page”.
The plugin updates the “Comment Blacklist” in Settings / Discussion with a list terms from a remote or local source. By default it get’s the data from Github (“wordpress-comment-blacklist by Grant Hutchinson) but you can also get them from any URL or from a local blacklist.txt file.
If you want to reduce spam received in your comment forms but also in your contact forms (for example when using Contact Form 7), using blacklisted terms can help.
Contact Form 7 encourages to use: Akismet, reCaptcha and the comment blacklist to reduce contact form spam.
Contact Form 7 supports spam-filtering with Akismet. Intelligent reCAPTCHA blocks annoying spambots. Plus, using comment blacklist, you can block messages containing specified keywords or those sent from specified IP addresses.
The best way to reduce the contact form 7 spam is to use a very extensive term database which is updated regulary with new spam terms. And this plugin does exactly this: Updating the blacklist regularly.
Since 2011 Grant Hutchinson has been identifying and compiling over 34,000 phrases, patterns, and keywords commonly used by spammers and comment bots in usernames, email addresses, link text, and URIs.
His blacklist is very extensive and that’s why we love it.
As with all compilations, this blacklist is a work in progress and it is updated more or less every month. And each of these updates will be included automatically with the update process that runs every 24 hours.
Sometimes simple is better.
If you know another source that is as extensive as this one, drop us a message and we will check if it’s interesting to add it also as a default.
PHP version 5.6 or greater.
This first release is avaliable in English and Spanish. In the “languages” folder we have included the necessary files to translate this plugin.
If you would like the plugin in your language and you’re good at translating, please drop us a line at Contact us.
You can access the description of the plugin in Spanish at: Actualizador lista negra de comentarios | WordPress Plugin.
For further information please send us an email.
/wp-content/plugins/
folder.After the September 2023 update only users with administrator privileges can use this plugin. If you’re not an admin you will get following error: “You do not have sufficient permissions to access this page”.
This plugin is an enhanced version of the plugin Comment Blacklist Manager. We decided to create this enhanced version of the plugin, because we wanted to be able to add blacklists without using filters and directly from the WordPress administration. You can still use a filter to modify the blacklist sources if that is more convienient for you. And we also wanted to have more information about the plugin in SETTINGS / DISCUSSION; for example when the blacklist was updated and when it will be updated next time, when the blacklist sources were updated, etc.
This plugin is based on the idea of the Comment Blacklist Manager plugin.
The default source for the blacklist is “wordpress-comment-blacklist” (a simple solution for WordPress comment spam) from Grant Hutchinson.
If you don’t make any configuration this source will be used.
Of course you can. You can configure them in SETTINGS / DISCUSSION or use the filter cblm_sources
. It’s easier to configure them using the WordPress adminsitration interface, but if you want more flexibility, you can use the filter.
You can use the filter cblm_sources
to add different source URLs. We decided to keep the same filter as used by “Comment Blacklist Manager” to make it easy to switch between both plugins.
Replace sources completely (setting of the sources in the administration will be overwritten)
add_filter( 'cblm_sources', 'rkv_cblm_replace_blacklist_sources' ); function rkv_cblm_replace_blacklist_sources( $list ) { return array( 'https://example.com/blacklist.txt', 'https://example.com/blacklist2.txt' ); }
Add another source to the sources configured in the administration
add_filter( 'cblm_sources', 'rkv_cblm_add_blacklist_source' ); function rkv_cblm_add_blacklist_source( $list ) { $list[] = 'https://example.com/blacklist3.txt'; return $list; }
The blacklist expects the same format as the “Comment Blacklist” in “Settings” / “Discussion”: One word or IP address per line.
Yes you can change it using the ‘cblm_update_schedule’ filter. We decided to keep the same filter as used by “Comment Blacklist Manager” to make it easy to switch between both plugins.
The standard update schedule is set to update once every 24 hours.
add_filter( 'cblm_update_schedule', 'rkv_cblm_custom_schedule' ); function rkv_cblm_custom_schedule( $time ) { return DAY_IN_SECONDS; }
The return can be provided in seconds or using the WordPress time contstants in transients:
1. MINUTE_IN_SECONDS = 60 (seconds)
2. HOUR_IN_SECONDS = 60 * MINUTE_IN_SECONDS
3. DAY_IN_SECONDS = 24 * HOUR_IN_SECONDS
4. WEEK_IN_SECONDS = 7 * DAY_IN_SECONDS
5. MONTH_IN_SECONDS = 30 * DAY_IN_SECONDS
6. YEAR_IN_SECONDS = 365 * DAY_IN_SECONDS
Yes. The plugin adds information to the database. When the plugin is uninstalled via the WordPress administration, these settings (options and transients) are deleted.
Settings that the plugin adds:
1. Option: blacklist_exclude
2. Option: blacklist_last_update
3. Option: blacklist_github_source_updated
4. Option: use_wordpress_comment_blacklist_splorp
5. Option: apa_another_blacklist_url
Transientes used by the plugin:
1. Transient: blacklist_update_process
2. Transient: blacklist_github_update_check
You can simply activate, deactivate or delete it in your plugin management section. The options and transients of the plugin are deleted when you delete it through the WordPress administation. If you want to keep the options delte the plugin folder (‘comment-blacklist-updater’) via FTP.
Install and activate. Navigate to “Comment Blacklist” in “Settings” / “Discussion” and see if the blacklist has been updated. And then go to “Blacklist Source” to configure it.
And from this moment on the amount of spam in the comment form and contact forms should be reduced.
After updating the “Comment Blacklist” with the blacklists, the page load can slow down because of the large amount of data that has to be shown on the page in “Comment Blacklist”. The default blacklist from Grant Hutchinson has over 34.000 lines that have to be shown on the settings page.
Unfortunately there is nothing that can be done about it.
Please remember to SAVE the configuration changes before running a manual update. The manual update does not save changes.
If you make configuration changes, SAVE and after saving run the manual update.
As we add setting to the standard DISCUSSION page of WordPress we wanted to make clear which settings have been added by another plugin and also make reference to which plugin has added these settings.
For us it’s important that everyone that installs the plugin can find easily the plugin that added these settings, even months after having installed it.
Please don’t use it with WordPress MultiSite, as it has not been tested.
Please don’t use it with the Comment Blacklist Manager plugin.
This plugin has been tested and works with PHP versions 5.6 and greater and we recommend using PHP version 7.1 or higher. The plugin has been tested with PHP up to 7.3. WordPress recommends using PHP 7.3. If you’re using a PHP version lower than 5.6 please upgrade your PHP version or contact your Server administrator.
Yes. The plugin requires a PHP version 5.6 or higher and we recommend using PHP version 7.1 or higher. The plugin has been tested with PHP up to 7.3. WordPress recommends using PHP 7.3.
Of course we do. That’s why we created it. 😉