The base 1.5 Strayhorn code had a bug where if you had no moderation keys listed it would ignore the whitelist settings. You can either upgrade to a more recent nightly if you’re brave, or define some words in your moderation keys list.
Thread Starter
lambic
(@lambic)
I have lots of words there, and usually the whitelist moderation works. This morning was only the 2nd time that some have made it through.
I have comment spam coming through, and I don’t know how the evil [expletive deleted]s are doing it. I have a cron job that executes an SQL statement that sets the comment_status flag on all posts older than 21 days to “closed.” I’ve checked the tables, and they reflect this; I’ve checked the pages, and they reflect this.
So, if the comment_status is set to closed, how is it that the comment spammers are able to post comments to every post in the blog’s history, which stretches back to 2003? (I moderate all of them, of course, but it’s an increasing pain.) For obvious reasons, I need to stop this.
I’d be grateful for any answers.
Moderator
James Huff
(@macmanx)
Volunteer Moderator
They’re using your trackbacks. If you want to disable trackbacks via MySQL, see “I have disabled trackbacks, but trackbacks continue to be posted.” here: http://codex.wordpress.org/Combating_Comment_Spam#Q_.26_A
I’m having the same problem as the original poster, and my whitelist is not empty. However, it was empty for the first few days after I upgraded to 1.5. I’m assuming the spammers got into the ‘has previously been approved’ list during that window and that’s why their spam is still getting through?
If that’s the case, how do I get them unapproved? Especially since there’s no way to mark a comment as spam once it’s made it past moderation…
Thanks,
L.
There’s some plugins that can affect comments. I know there’s some ‘nuker’ thing out there, and CG-AntiSpam can tag and flush spam comments. Also, you can simply delete the offending comment in the first place to ‘unapprove’ that commenter… I could probably find a way to have CG-AntiSpam let you tag existing comments as spam using your own criteria.
-d
Moderator
James Huff
(@macmanx)
Volunteer Moderator
I don’t think deleting the spam is enough… I’m doing that, of course, and that gets it off my site, but does that cause the originator to cease to be an approved poster? If it does, great; the spam should start being filtered into the moderation queue as the ‘approved’ spammers get de-approved. I guess I should dig into the comment approval code and figure out exactly what the criteria are for allowing a comment through.
yes, I believe it checks to see if there’s a post from the same ‘virtual user’ that was approved in the past (not sure if it checks email, name, or both…).
thus nuking all old ones should prevent new ones.
The problem is that whitelisting, in theory, shouldn’t give a guaranteed approval to something that otherwise hits the blacklist (or other spam-check mechanism). At best it should be put into moderation…
-d
