Impostercide was written by Scott Merrill, AKA Skippy, who left the WordPress project in 2007. After rescuing this plugin, I began to use it on a couple sites, and decided to take care of it as best I could. I take no credit for the coolness.

Impostercide prevents unauthenticated users from “signing” a comment with a registered users email address, name or URL.

Download: plugin repository for Impostercide

Support: support forum for Impostercide


Join the conversation

comment 4 comments
  • HateImposters

    Just read that the original coder of impostercide left a few years ago and you rescued the code 🙂 nice save for the cool plugin.

    Was wondering if there is a way to prevent unauthenticated users from using another unauthenticated user’s credentials from being impersonated?

    • Ipstenu

      Not really. The problem is that there’s no way to prove you’re you without a username and password. The handle and email can be easily faked, as you pointed out, and you can’t rely on IP, since they change these days (I have a few I use, and what happens when I’m in a coffee shop?).

      That said, as a moderator, when I see someone’s post from a new IP, I keep tabs on it.

      I’ve been spoofed a couple times, so yeah, I know that pain 🙁

    • HateImposters

      Geez 🙁 guess some people get off from spoofing other people

      Anyways, thanks for the reply 🙂 will check out the plugin again.

    • Ipstenu

      The only way to beat the spoofers and spammers, in the long run, is constant vigilance to your moderation queue. 😡

Comments are closed.