WordPress.org

Ready to get started?Download WordPress

Forums

inexplicable commenrt spam (10 posts)

  1. yaksox
    Member
    Posted 8 years ago #

    Would someone care to take a look at either of these two posts:
    http://www.sunnybreaks.org/2004/01/31/the-ageing-young-rebel/
    http://www.sunnybreaks.org/2004/01/24/hey-smegma-features/

    and tell me how spambots could be sending comments.
    I have both comments and trackback turned off and completely removed from the templates. It's fine for every other of the many, many entries I have, but for some reaon these two still get get hit.

    Thanks to anyone who can solve this mysterious riddle! :)

  2. Chris_K
    Member
    Posted 8 years ago #

    I'm going to guess that they've seen what a WP comment post looks like and are just forming their own page to lob 'em in at you. Probably scripted since they don't look at the post to see that comments are turned off.

    That's my guess at any rate. But crafting up a simple form post is pretty straightforward.

  3. yaksox
    Member
    Posted 8 years ago #

    The above response doesn't seem to take into account the fact that I am only getting comment spam for *two* entries out of hundereds.
    It's not very helpful.

    I am trying to remain as objective as possible about the support forums and support in general for work press, but the reality is that there are very few people here who know what they are talking about and even less who actually can be bothered to help.

  4. khimichcom
    Member
    Posted 8 years ago #

    Previous poster gave you correct hint, you just don't bother to think carefully. They used your submit page directly

  5. yaksox
    Member
    Posted 8 years ago #


  6. Chris_K
    Member
    Posted 8 years ago #

    Well, as a guy who tries to stop by and help others every now and then, I reckon I've been put in my place!

    Sorry, yaksox. Didn't mean to let you down.

  7. yaksox
    Member
    Posted 8 years ago #

    Look, I'm just saying, don't assume me or others know all the technical terms. I don't know what a submit page is. Is there another file I should delete from my WP-admin folder?

    here I made an effort to explain something to a newbie in a clear, simple way. That's really all I'm asking.

  8. Gadgetizer
    Member
    Posted 8 years ago #

    yaksox, what the people above mean, is the spammers are accessing the wp-comments-post.php form directly. It's a classic tactic of spambots. They don't go to your blog, they just use a crawler or whatever to find wordpress (or blogger, or MT, etc) blogs and trigger the comment forms.

    Even though you have comments turned off and stripped the comments link, all the spammers need is the post-id, they trigger the wp-comments-post.php script with that id and it shows up in your moderation list.

    One way to fool them for a while is to change the filename of wp-comments-post.php to something else, but they'll eventually find the script anyway.

  9. whooami
    Member
    Posted 8 years ago #

    "...but they'll eventually find the script anyway."

    actually they wont, in the op's case, as he has comments turned off. Read.

    One better is to just rename the file to wp-comments.php-jhkjh (in case you ever decide to re-enenable comments) or delete it all-together (if youre never going to alow comments, even then if you changed your mind, you could redownload the zip)

  10. mbarcbowen
    Member
    Posted 8 years ago #

    Doesn't the fact that, they can access the file directly and insert their spam bother anyone but me? It certainly seems like an exploit to me, as it is bypassing the options in place on the site. Anyone know of a way to fix this directly without "renaming" files constantly, or disabling comments all together? And I don't think disabling them does the trick either.

Topic Closed

This topic has been closed to new replies.

About this Topic

Tags

No tags yet.