Users on our forum (Hopscotch forum) have recently found a way to bypass the profanity filter by putting invisible by putting an invalid html tag between two parts of the word.
For example, the word gmail is by default blocked. But, you can do:
Gm<any invalid tag>ail
Which makes the word ‘gmail’ show up, because the tag in the middle is invisible.
One of our users is concerned that this could be used to throw off our spam filter, Akismet, by doing something like
Ge<dfg>t f<dgf>ree co<shd>upons on some<hh>thing today! www<fg>.example.com
As a test, I made a post with a bunch of repeated chinese characters on an alt who had never posted before, the kind of thing that would be flagged as spam, but put invisible html tags between some letters, and it didn’t get flagged as spam.
Can Akismet be made to ignore these tags?