Add Expiring Token to Endpoint for DDOS Protection

[dshanske]

Add an expiring, random or encrypted token to webmention endpoints, preventing the accumulation of lists of endpoints and forcing attackers to look up the webmention endpoint of each of the sites they want to use to DDOS a victim.

http://indiewebcamp.com/DDOS#Expiring_token_in_endpoint

[peterwilsoncc]

FWIW, WordPress has built in nonce functionality.

[peterwilsoncc]

I'm not ready for a pull request but I've started working on this in /peterwilsoncc/wordpress-webmention/tree/issue39

I'm dogfooding it on my own site and will see how it goes.

[pfefferle]

see: #41