This project is read-only.

Comments web-site address field = spam magnet

Aug 6, 2010 at 7:53 PM
Edited Aug 6, 2010 at 8:10 PM

Is there some way to turn off the web-site address field in the comments?
(if not, this is then a development suggestion)

This field seems to be a magnet for all kinds of "link spam" - like "what a great post - thank you so much" - and then a link to some Viagra site...

(Yes, i'm already using Captcha, but they keep coming, apparently entered manually)

Aug 8, 2010 at 1:54 PM

Take a look at the CommentView.ascx file.  Most themes make Comment.Website a link to Comment.Author - you can remove that and just display Comment.Author.

However, a better approach may be Akismet.  It's got a 100% success rate on my blog on which I allow comments.  (I have 2 so far that I'm just using as a CMS.)  Granted, the blog is only a few weeks old, but I was getting spam on it before I had a single incoming link!  Between Akismet and the built-in filters, none of them actually got out.

Aug 8, 2010 at 2:09 PM

Argh - just re-read your question and found that I misread it.  My reply still has BE accepting the data, it just isn't displayed.  You could use CSS in the theme (the field ID is ctl00_cphBody_CommentView1_txtWebsite), but the label would still be there.  You could also use JavaScript (jQuery would make it easy) to hide those fields when the page is displayed.

The code that displays it is in [BE root]/User controls/CommentView.ascx - you could try removing the code for the website field in that file.  Keep in mind that I haven't tested this, and since it involves changing a file that's a part of the BE distribution, it would get overwritten during upgrades.  If you go this route, you might want to leave a hidden element that will post a blank website; I'm not sure how it would handle that field not being part of the POST request.

Aug 9, 2010 at 10:38 AM

Thanks for your replies.

I have added a <DIV style="display:none"> around the web-site label, field, and validator for now.
This appears to works fine.

However my concern is that with every code change I make, the bigger the mess whenever I need to upgrade to a new version of BlogEngine.NET...
It would be nicer with an option to turn off the web-site field.


Aug 20, 2010 at 12:12 PM

Jesper, thanks for the tip. I just made this change I hope it will cut back on the spam.

Aug 30, 2010 at 7:23 PM

Or you could use reCAPTCHA, it will eliminate the problem of spam messages.
Since my installation, it has only had a relevant comment posted on my blog