Good question, but not something you want publicly discussed in too much detail. 😉
Presumably commenter behavior is analyzed for spammy traits –like completing extra input fields humans don’t see.
Plugin Author
MihChe
(@mihche)
Hi Jessy,
While I don’t think you’re interested in how WPBruiser is technically implemented, I can let you know that it injects hidden tokens into forms when the page is loaded and exchanges their values with the client side using javascript.
Yes, you can manually block IPs or let WPBruiser block them when a Brute Force attack is detected.
If you need some technical information or you have any questions feel free to contact me through http://www.wpbruiser.com/contact
Mihai
