Impostercide prevents unauthenticated users from “signing” a comment with a registered users email address or username. There is no interface from the admin’s end, no options to select. Simply install, turn it on, and watch the spoofers get stopped.



Latest version: Download Impostercide v1.8 [zip]


No special instructions.


Q. Will this work on older versions of WordPress?
A. This will work on WordPress from version 2.1 and up.

Q. Will this work on MultiSite?
A. Again, yes. I suggest putting it in mu-plugins, but it works fine both ways.

Q. Can this catch innocents?
A. Yes, but … well. The only person I’ve caught is someone who is, apparently, pathalogically incapable of remembering that he HAS an account on the site, and he needs to LOG IN with said account. He also claims to forget his password and that WordPress doesn’t email it to him, so I’m pretty much chucking his complaint as a problem with the user, and not the tool.



  • 17 April, 2012 by Ipstenu
  • Readme cleanup, fixing URLs etc.
  • Internationalization


  • 4 October 2011 by Ipstenu
  • 3.3 compat check
  • minor cleanup
  • licencing


  • 8 Dec 2010 by Ipstenu
  • Removed the check on URL. Why? Cause sometimes people have the same URL as other. Like when they share a site. (Sorry RonAndAndrea!)


  • By Ipstenu
  • Switched logged in check to is_user_logged_in() (thanks Chip!)
  • Genericized the error message (again, Chip)



  • July 2011 by Ipstenu
  • Initial version by Ipstenu. All I did was change commenting and move it to a subfolder. (This was only ever released on my websites)


  • 2005 Scott Merrill (, discontinued in 2007.
  • many thanks to Mark Jaquith for the name “Impostercide”


  1. impostercide screenshot 1

    Error message when you try and post as a registered user

  2. impostercide screenshot 2

    Wait, something’s wrong….