WordPress Tools: WP-Gatekeeper

This plugin is not yet completely finished! It does work as advertised, and can be deployed as-is, but may see some improvements and optimizations in the future. Its current status is "Release Candidate 5".

This version of WP-Gatekeeper was developed for WP 1.5, and is not compatible with earlier versions of WordPress. It seems to work with WordPress 2.1, but I have not thoroughly tested it (I've only recently come to WP2.x). There is an older, much less easy-to-install version for WordPress 1.2 available. In either case, use at your own risk.


WP-Gatekeeper is a comment-spam defense plugin for WordPress 1.5. Upon installing it, a challenge will automatically be added to comment forms: "What color is an orange?". In order to post, the commenter must enter the correct answer. The strength of Gatekeeper is that it allows you to create any number of challenges you like, and picks one at random to insert into the comment form. You can also define your own markup template as well as manually place the challenge in your comment forms, should you so desire.

Bug and Change Notes


  1. Back up your WP files! There's nothing here that should cause major problems, but if you have trouble or decide you want to back out WP-Gatekeeper, you'll want your original files.
  2. Place wp-gatekeeper.php into the plugins directory.
  3. In your administrative interface, activate the WP-Gatekeeper plugin.
  4. Under "Manage", select the new "Gatekeeper" submenu. Make sure everything's to your liking, and take this opportunity to add new challenges or change the one that comes pre-installed (which I strongly recommend).

That's all. Did you want more?

Okay, here's more. By default, the plugin will scan comment forms and insert the challenge into the form. It's set up to insert the challenge after the URL input on the default (Kubrick) template. If it doesn't find a match for the markup it expects, it will insert the challenge after the textarea in the comment form. Failing that, it will simply insert an XHTML comment indicating its failure, and commenting will be blocked until the problem is fixed.

And how does one fix the problem? Well, you could disable the plugin, of course. You could also edit your comment form(s) to include the function gatekeeper_pose_challenge wherever it is you want the challenge to appear. This will likely mean that you'll have edit the markup it generates, and possibly surround it with your own, but odds are you've already been fiddling with the markup as it is, so no sweat, right?

Note that if your WordPress install allows users to register, logged-in users will not receive a Gatekeeper challenge. They're assumed to be trusted by dint of having accounts. This behavior may become an option in a future version of Gatekeeper.

Functional Reference

You will only need this information if you plan to manually place the challenge in your comment forms. Otherwise, it's an interesting curiosity.

gatekeeper_pose_challenge('format', 'stripslashes', 'tabindex', 'doctype')
format (string)
Format string for the link. Markup may be included in the format string, and will be returned unaltered. Defaults to the built-in format string, available from the Gatekeeper administrative page.
stripslashes (string)
Accepts one of two values: Y and N. If Y is passed, then the result will have escape-slashes stripped from any displayed text. N will leave the slashes in place, which is useful if the result will be placed within JavaScript. The default is Y.
tabindex (string)
Allows you to specify the tabindex value that will be used for the challenge's text input field. This is useful if you have a custom-structured form and don't want tabindexing to break. The default is 5.
doctype (string)
Accepts one of two values: xhtml and html. The former will cause empty elements to be returned with trailing slashes; the latter will leave off the trailing slashes. The default is xhtml.