Ramin Hossaini (blog)

28Sep/09

Reducing spam even further in WordPress

Maybe I'm bored, but I've been spending a bit of time researching ways to beat spam. Mind you, I haven't had anything get past Akismet anyway. This article is for all of you who want to be hardcore about your spam defences :)

I came across "Project Honey Pot", which is a distributed system for identifying spammers and the spambots they use. Simply put, the IP addresses of your site's visitors are checked against the Project Honey Pot database and spammers are kicked out.

Participating in this network comes in 2 forms. You can either install a Honey Pot (which is pretty easy) or if you don't want to install a Honey Pot of your own, you can link to someone else's.

Installing Honey Pot on a server (optional)

Installing a Honey Pot is easy enough. Start out by visiting Project Honey Pot. Once you've signed up for an account, you can begin adding a Honey Pot:

[Image: honeypot1]

Depending on your webserver's supported languages, you can choose from a bunch:

[Image: honeypot2]

Once you've chosen your options, you can download the files and upload them to any accessible directory on the site you specified. Just visit the site to activate it.

The next step is to customize your blog or site in such a way that you can actually catch suspicious activity:

Plugin: WP-Honey Pot

In order to make use of your new Honey Pot (or a Honey Pot elsewhere), install WP-Honey Pot. WP-Honey Pot lets you add a hidden link to your blog in one of several randomised locations, so that spammers are less able to adapt to it. Once you are a contributing member of Project Honey Pot, you are able to use http:BL (which I'll be getting to just now).

Once that's set up, you'll be doing your part in helping to catch email harvesters, comment spammers and other suspicious folks.

Plugin: http:BL

The obvious next step would be to block the spammers from your site. And that's where http:BL comes into the picture.

Once you've installed and activated the plugin, all you need to do is specify an API key (which you get from the Project Honey Pot site) and the URL to your Honey Pot of choice. And that's pretty much all there is to it.

This flow chart sums up my spam protection for the time being:

[Image: spam flow chart]

So far so good:

[Image: no-spam]

If any of you have tried something similar, or tried what I described above, drop me a line below and let me know your experiences!

24Sep/09

How to get rid of your CAPTCHA and still avoid spam

CAPTCHAs. You hate them, I hate them. Everyone's seen them and everyone will tell you they're annoying.

[Image: captcha]

I'll admit, I used to use a Maths CAPTCHA, 'cause I thought it'd be easier for someone to add 5 + 6 than to read some skewed text characters. Apparently this only annoyed people more though (there is an amazing aversion to Mathematics out there). I can't blame you, it really is annoying.

[Image: captcha2]

And this one is very popular; it apparently uses CAPTCHAs to help digitize books. That's great, but I don't feel like helping.

[Image: captcha3]

Which all brings me to something I'd encourage more people to use.

Spambots fill in the fields of a form and submit it. If there's a CAPTCHA, advanced spambots actually solve it and enter a value, which leads to more advanced (nastier-looking) CAPTCHAs.

Invisible Defender is an example of spam-protection that does things a little differently. Instead of displaying a CAPTCHA, it adds a bunch of generic fields to the form. These fields remain invisible/hidden from the typical user:

[Image: captcha4]

(Most) spambots don't realise this and fill in those fields too. The script detects whether the fields were filled in and, if they were, it shows a 403 error page to the bots. I heard of this simple concept about a year ago and thought it was such an eloquent solution. It almost seemed too simple to work.

Mind you, spambots are getting smarter, so some get past this too. But so far it's worked pretty well for me. I'm curious to know about your experiences too!
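The hidden-field check described above, as an added example that is not Invisible Defender's code: the trap field names and sample POST bodies are hypothetical, and the form is assumed to arrive as a urlencoded body. It goes one step beyond the text by also rejecting submissions where the trap fields are missing altogether.

```python
from urllib.parse import parse_qs

# Hypothetical trap field names; generic names are what form-filling bots target.
TRAP_FIELDS = ("website", "company", "fax")


def render_trap_fields() -> str:
    """HTML for the trap inputs: hidden from people by CSS, still in the markup."""
    inputs = "".join(
        f'<label>Leave empty <input type="text" name="{name}" value="" '
        f'tabindex="-1" autocomplete="off"></label>'
        for name in TRAP_FIELDS
    )
    # Positioned off-screen rather than type="hidden", so the inputs look
    # like ordinary text fields to a bot that only parses the markup.
    return (f'<div style="position:absolute;left:-9999px" '
            f'aria-hidden="true">{inputs}</div>')


def check_submission(body: str) -> tuple:
    """Return (HTTP status, reason) for a urlencoded comment POST body."""
    form = parse_qs(body, keep_blank_values=True)
    for name in TRAP_FIELDS:
        values = form.get(name)
        if values is None:
            # A browser submits empty text inputs too, so a missing trap
            # field means the POST was not built from the rendered form.
            return 403, f"trap field {name!r} missing"
        if any(v.strip() for v in values):
            # Whitespace-only values are treated as empty.
            return 403, f"trap field {name!r} filled"
    return 200, "ok"


# Constructed sample POST bodies.
HUMAN = "author=Ann&comment=Nice+post&website=&company=&fax="
BOT_FILLS_ALL = ("author=x&comment=buy+now"
                 "&website=http%3A%2F%2Fspam.example&company=x&fax=x")
BOT_DIRECT_POST = "author=x&comment=buy+now"

if __name__ == "__main__":
    for label, body in [("human", HUMAN),
                        ("bot fills all", BOT_FILLS_ALL),
                        ("direct post", BOT_DIRECT_POST)]:
        print(label, check_submission(body))
```

`autocomplete="off"` and `tabindex="-1"` are there to keep browser autofill and keyboard users out of the trap fields, since either would turn a real visitor into a false positive.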
