Rah comment spam - Comment anti-spam plugin for Textpattern CMS



Packagist | Issues | Donate

Rah_comment_spam provides customizable anti-spam tools for Textpattern CMS’ comment system. Set minimum and maximum message length, filter spam words, validate email addresses, limit posting activity and set hidden spam traps. All from simple admin-side graphical user interface, no head first dive to code.


Using Composer:

$ composer require rah/rah_comment_spam


  • Set comment message length limitations: minimum and maximum, words and characters.
  • Limit link posting.
  • Define spam words, and set the limit how many spam words are needed until comment becomes spam.
  • Show customizable error messages when comment is blocked.
  • Set a custom hidden spam trap field.
  • Change the spam protection method.
  • Set quotas, limit users’ comment posting activity.
  • Integrates with Textpattern’s native preferences panel; no diving into code needed at all.


  • Textpattern 4.5.0 or newer.
  • PHP 5.6.0 or newer.


Once the plugin is installed, you can find set of new preferences in your Textpattern installation’s Preferences panel. To configure rah_comment_spam’s preferences navigate to Admin/Preferences and take a look at the Comments section. If you have commenting disabled on your site, you will have to toggle the Enable comments option to see the section.


Looking at the Preference’s panel’s Comments section, you should see set of options that weren’t there before. Those are the options that the plugin offers. In total, there should be around 18 new toggle-able items. The offered plugin’s options are as follows.

What to do comments detected as spam?

The option sets the action that is taken towards to comments flagged as a spam. There are three options you can choose from. The default option is Save to moderation queue which saves the comments to moderation queue. The detected comments won’t be visible to public, but are saved to moderation queue, and can be manually confirmed. The second option Ignore, do not save blocks the comments. The comments won’t be saved and the user is greeted with the message set in Message displayed to the user when the comment was blocked option. The third and last option Save and flag as spam saves the detected comment to the database as spam.

Message displayed to the user when the comment was blocked

Sets the message that is shown to users when their comment is blocked by the filters. The message is only used when the protection method above is set to Ignore, do not save. With others, Textpattern’s build in language strings are used.

List of spam words

Sets words/terms that are considered as something that spam would contain. Separate multiple words with commas (,). Used words are incase-sensitive. Example value: viagra, wares, wowgold.

Search spam words from following fields

Sets which fields are filtered for spam words. Use comma-separated list of field names. Available values are name, email, web and message. Default option is name, email, web, message.

Maximum number of spam words until the comment is considered as spam

Sets the maximum number of spam words a comment can have until it’s considered as spam. The lower the number, the stricter the filter is. Recommended value is between 2 to 10.

Number of allowed URLs

Option sets comment message’s URL limit. If a comment contains more URLs than the options allows, the comment is considered as spam.

Minimum number of words

Required minimum length of comment message in words. Shorter messages are considered as spam. Recommended value is 1 to 3.

Maximum number of words

Maximum length of comment message in words. Longer messages are considered as spam. Note that message’s total size is limited to 65535 bytes (equals to around 65535 ASCII characters).

Minimum number of characters

Required minimum length of comment in characters. Shorter messages are considers as spam. Recommended setting is 1 to 10.

Maximum number of characters

Maximum length of comment in characters. Longer messages are considers as spam. Note that message’s total size is limited to 65535 bytes. Valid values range from 0 to 65535 (equals to around 65535 ASCII characters).

Name of hidden spam trap field

If set, hidden spam trap field is added to the comment form. The field will be hidden with CSS, and if the field is filled, the comment is considered as spam. Default value is phone. Empty the field to disable the spam trap.

Use quotas, limit users’ comment posting activity?

If set to Yes, users comment posting activity is limited. Comments going over the quota are considered as spam. Users are identified by IP addresses.

Users’ comment quota limit

Sets the user’s quota limit. Default is ten (10) comments per user.

Count users’ comments towards quota in

Sets which comments in which articles are counted towards the quota limit. By default user’s comments in any article are taken into count. Available settings are In all articles, counts comments site-wide, and In current article which counts only comments in the current article the new comment is being posted to.

Quota resets every number of seconds

Sets the timespan used in the activity limiting. Comments older than this are not counted towards the quota limit. The time is set in seconds. For example setting the option to 600, would count an user’s comments from the last ten minutes, and if the number goes over the quota, then the comment is considered as spam.

Check email’s DNS records?

If set Yes, email address’ DNS records are checked. If the domain is found to be non-existent, the comment is considered as spam. The feature requires checkdnsrr function and the server must be allowed to make outgoing connections.

Check the time user spent writing the comment?

Makes sure that the user spent set amount of time writing the comment. Instant posters will be treated as spammers. Usually it’s recommended to keep this feature disabled. It can accidentally block fast writers if the required time is set to too high, but it can also successfully block spam bots which might try to post comments instantly, without interacting with the comment form. The time is counted from the initial article page load to the comment’s submitting.

Minimum time required to be spent writing a comment?

Sets the required interaction time in seconds. Default is 5. Higher values are not recommended usability-wise. If you set the value higher than 5 seconds, consider adding JavaScript based counter to the comment form that informs the users how much they have to wait.


Version 0.9.0 – 2019/03/24

  • Fix: Invoke uninstaller on uninstall.

Version 0.8.0 – 2015/03/06

  • Added: Finnish translation.
  • Fixed: Word and character limits are zero index. Setting a value to 1 means that one or more is applicable. Previously the limits had offset of one. Setting the value to 1 required 2.
  • Now requires Textpattern version 4.5.0 or newer.

Version 0.7 – 2011/11/03

  • Fixed: Update cached version number after running the installer.
  • Updated help file.

Version 0.6 – 2011/09/09

  • Fixed: Comment quota limit’s In current article option. Previously counting didn’t work when the in current article option was selected.
  • Added: language string support. The interface now is translatable using Textpacks.
  • Added: option to freely add any field to the list of that are checked for spam words. Used fields need to be defined in getComment().
  • Improved: UTF-8 compatibility. The plugin now uses multibyte safe methods when possible.
  • Changed: Migrated the preferences from own admin-interface and database table, to Textpattern’s native preferences panel. Preferences are now located at Admin/Preferences, in the Comments group.
  • Changed: For new installations protection method now defaults to moderate instead of blocking.
  • Changed: For new installations, default message length limits have been increased, and the example spam words have been removed.
  • Now requires PHP5 or newer. PHP version 5.3 or newer is recommended. PHP 4 support has been dropped.
  • For full feature compatibility Textpattern version 4.2.0 or newer is required. Textpattern v4.4.1 or newer is recommended.

Version 0.5 – 2010/09/15

  • Added option to check the time the user used to write the comment and block instant posters. As discussed here.
  • Removed unused HTML field ids and sizes from the backend pane.

Version 0.4 – 2010/08/02

  • Added: now also filters https://, ftp:// and ftps:// protocols, not just links starting with http://.
  • Changed posting limit feature’s maximum post setting from “more than” to “equals or more than”. Setting the value to zero/or leaving it empty will disable the feature.
  • Changed filtering method from and to or. This means, when the comment gets flagged by a filter for the first time, the spam filtering process ends instead going thru all the checks which are no longer needed. Gives slight performance boost.
  • From version 0.4 onwards requires TXP 4.0.7 or newer.
  • Now posting limits are counted barely by MySQL. No involment of PHP.
  • Merged rah_comment_spam_urlcount() and rah_comment_spam_spamwords().
  • Now admin panel uses same type of sliding panels as seen in rah_sitemap.

Version 0.3 – 2009/12/02

  • Added email DNS validation.

Version 0.2.1 – 2009/08/15

  • Made writing spam definition list less strict. Now allows double commas, spaces and so on. Thanks Robert.

Version 0.2 – 2009/05/04

  • Added user based time relative posting limit.
  • Fixed hidden spam trap input’s escaping.
  • Improved comment posting evaluating speed.
  • Merged install, save, update and fetch arrays.
  • Improved installation script.
  • Merged SQL queries.

Version 0.1.3 – 2009/03/12

  • Fixed forgotten strtolower().

Version 0.1.2 – 2009/01/22

  • Removed typo from admin panel: “Documention” to “Documentation”.

Version 0.1 – 2008/09/07

  • Initial release.
You might also like...
WPBruiser {no- Captcha anti-Spam} (forked, updated)

=== WPBruiser {no- Captcha anti-Spam} === Contributors: mihche, knutsp Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_

Textpattern-for-Panic-Coda - A Textpattern CMS mode for Panic Coda

Textpattern elements for Panic Coda 2 Handy elements for use with Panic Coda 2 on a Mac when authoring files for the Textpattern CMS. This repository

Textpattern-installer - Textpattern plugin and theme installer for Composer

Textpattern Installer for Composer Package directory | Issues Install plugins and themes to Textpattern CMS with Composer. $ composer require rah/rah_

Ied plugin composer - Inspired Plugin Composer: Create, publish and edit plugins from within Textpattern CMS.

ied_plugin_composer Create, publish and edit plugins from within Textpattern CMS. Creates a new page under the Extensions tab where you can edit and e

MassPlugCompiler - Textpattern CMS plugin compiler

mtxpc mtxpc compiles Textpattern CMS plugin sources into installer packages. Supports multi-file structure and a JSON manifest file. Install Using Com

Etc cache - Cache plugin for Textpattern CMS

etc_cache Download | Packagist This Textpattern plugin provides an events-driven cache solution for Textpattern CMS. Textpattern is fast, but when you

Etc pagination - Pagination plugin for Textpattern CMS.

etc_pagination Download | Packagist This Textpattern plugin creates a paginated navigation bar on listings. It has a wide variety of attributes – so y

Smd imagery - A Textpattern CMS plugin for managing images in the Write panel.

smd_imagery Insert images into your Write panel. Very handy for people who run photoblog or image-heavy sites, or those who categorise images for incl

Zem contact reborn - An extensible HTML form mailer plugin for Textpattern CMS.

com_connect Contents Introduction Installing and upgrading Migrating from zem_contact_reborn Usage Tags com_connect tag com_connect_text tag com_conne

Jukka Svahn
Backend developer by trade, hobbyist designer and frontend fiddler, self-proclaimed home cook and baker
Jukka Svahn
Arc admin comment preview - Simple Textpattern plugin that adds a comment preview to admin

arc_admin_comment_preview This is a Textpattern plugin for adding comment previews to the admin comment edit pages. Requirements Textpattern 4.0.8+ In

Andy Carter 1 Jan 20, 2017
SPAM Registration Stopper is a Q2A plugin that prevents highly probable SPAM user registrations based on well-known SPAM checking services and other techniques

SPAM Registration Stopper [by Gabriel Zanetti] Description SPAM Registration Stopper is a Question2Answer plugin that prevents highly probable SPAM us

Gabriel Zanetti 2 Jan 23, 2022
Rah backup - Takes backups from Textpattern CMS installations

rah_backup Packagist | Twitter | Donate Rah_backup keeps your important site safe from disastrous events. Rah_backup is an admin-side backup utility p

Jukka Svahn 5 Apr 24, 2022
Rah sitemap - XML sitemap generator for Textpattern CMS

rah_sitemap Packagist | Issues | Donate Sitemap plugin for Textpattern CMS. Generates Sitemaps.org XML sitemaps for your site, which help Google and o

Jukka Svahn 7 May 13, 2022
Rah memcached - Store parts of Textpattern CMS templates in Memcached

rah_memcached Packagist | Issues | Donate A plugin for Textpattern CMS that stores parts of your templates in Memcached, a distributed in-memory key-v

Jukka Svahn 2 Aug 12, 2022
Rah comments - Paginated article comments list for Textpattern CMS

rah_comments Download | Packagist | Issues | Support forum | Donate Rah_comments lets you to paginate Textpattern CMS’ comment lists, splitting the lo

Jukka Svahn 1 Mar 23, 2015
Rah privileges - Configure Textpattern CMS' user-group privileges through Preferences panel

rah_privileges Packagist | Donate Configure admin-side user-group permissions from Textpattern CMS’ preferences panel. Install Using Composer: $ compo

Jukka Svahn 4 Apr 16, 2022
Friendly Captcha anti-spam plugin for Joomla!

Friendly Captcha anti-spam plugin for Joomla! Register at https://friendlycaptcha.com to get your site and secret keys. Plugin Features Standard light

null 10 Dec 14, 2022
Cloudflare Turnstile anti-spam plugin for Joomla!

Cloudflare Turnstile anti-spam plugin for Joomla! Turnstile is Cloudflare's smart CAPTCHA alternative. It can be embedded into any website without sen

null 2 Nov 10, 2022
Rah cache - Cache Textpattern's dynamic pages as flat files

rah_cache Packagist | Issues Rah_cache is a simple, experimental full-page caching plugin for Textpattern CMS. It caches Texpattern’s dynamic pages as

Jukka Svahn 2 Apr 24, 2022