WordPress.org

Ready to get started?Download WordPress

Forums

Recent spam in comments (38 posts)

  1. lise
    Member
    Posted 9 years ago #

    Hi everyone,
    I too was attacked by this new spam bot called texas holden and online poker. I will be installing the Wpblacklist suggested but I realized that it started at the same time as I signed up for Blogexplosion at http://www.blogexplosion.com/ which brings me to think that maybe the spam was caused by that.
    Maybe it's just a coincidence, but I would like to ask anyone who has the same problem, if by any chance they had also signed up for this new Blogexplosion?
    Thanks
    Lise
    http://over-50-and-kicking.com

  2. TechGnome
    Moderator
    Posted 9 years ago #

    has any one else had this problem? uh, yeah.... a quick search would have shown that.....
    here's a little help:
    Search Forums for 'texas holden'

  3. Mark (podz)
    Support Maven
    Posted 9 years ago #

    Doesn't BlogExplosion install a funky piece of software that checks where you are going, how long you are looking etc?

  4. NuclearMoose
    Member
    Posted 9 years ago #

    I've been getting casino, poker, and every other kind of spam comment under the sun for a year, so this isn't new, and it's certainly not exclusive to WordPress.

  5. threevolve
    Member
    Posted 9 years ago #

    I'm getting that too ... from poker-rooms-777.com ... spammer is using a spoofed IP address and a fake email. Is there any way to set wordpress to auto delete comments that match certain criteria?

  6. moshu
    Member
    Posted 9 years ago #

    @threevolve,
    did you try a search for comment spam? there are a lot of tricks how to defend your blog.

  7. Tristan
    Member
    Posted 9 years ago #

    just got hit last night...not a member of anything

  8. Anonymous
    Unregistered
    Posted 9 years ago #

    I've deleted my wp-comments-post. php file, disabled comments, installed WP Blacklist, and I STILL get the spam comments from the "poker" guy. Any help?

  9. Fahim
    Member
    Posted 9 years ago #

    davezor: Does your blacklist include the poker guy's URL? If it does and you still get comments from him, then you either haven't activated WPBlacklist or you have things going to the moderation queue and you think that comments have been posted when they are only in the moderation queue - the ones in the moderation queue are in a slightly different colour :)

  10. Anonymous
    Unregistered
    Posted 9 years ago #

    I just got WP, and I havent been really using it. I was just playing around with it, and it wasnt even accesible from any of my pages on the site. yet somethow I got spammed by that poker room 777 bot.

  11. Anonymous
    Unregistered
    Posted 9 years ago #

    yes the url is blocked and yes WPblacklist is activated. I am also not receveing comments to approve/dissapprove from "poker".

  12. Anonymous
    Unregistered
    Posted 9 years ago #

    I've also disabled commenting, checked the box for all comments to be validated and all that stuff. None of it works and as soon as I post a new post, a comment appears right away.

  13. Fahim
    Member
    Posted 9 years ago #

    davezor: That sounds extremely weird. Do you want to mail me off-list with your site URL (my e-mail addy is at the top of my site - which can be accessed by clicking on my name on the right) so that I can take a look?

  14. Anonymous
    Unregistered
    Posted 9 years ago #

    I'm did not sign up for blogexplosion and over the past two days I've deleted about 80 spams from an online casino. Just this morning I got up to find another 20 waiting moderation. I'm going to try wp blacklist because even though wp catches the spam words and sends those comments to moderation, it's still annoying. Spam sucks.

  15. abductions
    Member
    Posted 9 years ago #

    I did not sign up for Blogexplosion but the new Blog is getting spammed by Texas Holdem, Et Al anyway. According to my MySQL database, the bot did not register for a password, so now I can't block the Bot, and will have to manually delete. What a royal nuisance. Not sure if the Blog is worth keeping. In my opinion, this is a critical weakness for Word Press, because any of us with Blogs could accidentally end up hosting a free message service for gambling casinos, pornography, or terrorists who could use our Blogs to transmit their messages around the world.

  16. Anonymous
    Unregistered
    Posted 9 years ago #

    Hi folks,
    had the same problem with this idiot of the casino... now i know my post could sound a bit naive and probably we would not accomplish much... but these are the details of the owner of the domain name of the sit who hit me:
    [blockquote]Registrant:
    Domains by Proxy, Inc.
    15111 N Hayden Rd., Suite 160
    PMB353
    Scottsdale, Arizona 85260
    United States
    Registered through: GoDaddy.com
    Domain Name: TEXAS-HOLDEM-0.COM
    Created on: 26-Aug-04
    Expires on: 26-Aug-05
    Last Updated on: 11-Oct-04
    Administrative Contact:
    Private, Registration TEXAS-HOLDEM-0.COM@domainsbyproxy.com
    Domains by Proxy, Inc.
    15111 N Hayden Rd., Suite 160
    PMB353
    Scottsdale, Arizona 85260
    United States
    (480) 624-2599 Fax --
    Technical Contact:
    Private, Registration TEXAS-HOLDEM-0.COM@domainsbyproxy.com
    Domains by Proxy, Inc.
    15111 N Hayden Rd., Suite 160
    PMB353
    Scottsdale, Arizona 85260
    United States
    (480) 624-2599 Fax --
    Domain servers in listed order:
    NS1.VHOSTED.BIZ
    NS2.VHOSTED.BIZ
    [/blockquote]
    Anyway I have been to the site of the registrar indicated above (www.domainsbyproxy.com) and presented a full report of what happened: I urge all of you who have had the same problem to do the same and contact the registrars of the domains who caused you troubles to have them shut down, and possibly have their "owners" prosecuted according to US law.

  17. knotty
    Member
    Posted 9 years ago #

    It may be a good idea to let the webhost of this site alerted too.

  18. Anonymous
    Unregistered
    Posted 9 years ago #

    So how do you get rid of this nasty little post virus?

  19. bio
    Member
    Posted 9 years ago #

    I've recieved about 300 coments in the past 24 hours on my site for the same url's as above (they're coming in faster now... about 2 or 3 per minute).
    I haven't signed up for blogexplosion.
    I came here searching for blacklist software (like MT-Blacklist). I see mention of WPBlacklist and will install that.
    Joy, oh joy!

  20. sdollen
    Member
    Posted 9 years ago #

    Seems like someone is busy - I've been getting these same comment postings the last couple of days and I didn't signup anywhere either. Funny thing to me that they are commenting on a WP that I just installed in a SUB directory for testing purposes only.
    Now, how in the heck does a spammer find a WP blog setup in a SUB directory?
    Very strange and hard for my limited technical mind to comprehend. Much like it's hard for me to understand how they can fake or change IPs. I'm on cable modem though - static IP.

  21. charle97
    Member
    Posted 9 years ago #

    does your test blog ping anything?

  22. sdollen
    Member
    Posted 9 years ago #

    @charle97 -
    ahh...good catch. I guess it does automatically pings the "pingomatic" as setup in default. Forgot about that.

  23. Anonymous
    Unregistered
    Posted 9 years ago #

    I will read this thread thoroughly to figure out what to do about this. I was attacked by spam and it added 8 comments to each and every entry in my blog.
    The only difference between my posting yesterday is that I was using a wireless internet connection (at a hotel).

  24. Anonymous
    Unregistered
    Posted 9 years ago #

    I got the same spam comments 2 days ago. I came to the support forum and used the "post file rename" suggestion yesterday. Today I have no spam comments. However, I haven't made a new post yet. I will do that today and see what happens.

  25. Anonymous
    Unregistered
    Posted 9 years ago #

    Well, I just posted a new blog and almost immediately, a spam comment appeared. I guess I'll have to read all the posts on spam to see what can be done.

  26. Anonymous
    Unregistered
    Posted 9 years ago #

    I was attacked by the texas holdem and online casino as well. Just installed the WP-Blacklist and no problems so far *crosses fingers*

  27. bio
    Member
    Posted 9 years ago #

    I installed WPBlacklist about 30 seconds after my previous post.
    Fahim... you are a GOD!! Thank you!
    Does anyone know for sure how this is being done? My assumption is they have a perl script (or something similar) that's doing an autofill on the form. If this is the case, would renaming variables and changing the order of the input boxes stop them?

  28. midori
    Member
    Posted 9 years ago #

    Seems that simply (in version 1.2) changing the name of the files + modifiing links to them (ok, my idea of simple.... never mind) worked, though I did add a few words in the anti-spam control interface.... :-) Well, that's a relief....

  29. Fahim
    Member
    Posted 9 years ago #

    They aren't actually auto-filling the form :p They are sending a POST command with the correct variable names and the values for those variables to the script specified in the comments form to handle form input. Renaming the script file (and changing the two WP core files which also called the same file) and changing variable names seemed to work fine for a while. But all of yesterday, I kept on getting spam comments at the rate of like 1 a minute - so either somebody has written a new, smarter script or somebody sat down and figured out my changes manually just for me :p

  30. Anonymous
    Unregistered
    Posted 9 years ago #

    Here's another wrinkle to help clear out the spam comments in the moderation queue.
    Edit /wp-admin/moderation.php to change the default radio button from "do nothing" to "delete". Makes it easy to do a global delete of the comments, instead of having to check "delete" for each one.
    In moderation.php, find this language:
    <input type="radio" name="comment[<?php echo $comment->comment_ID; ?>]" id="comment[<?php echo $comment->comment_ID; ?>]-delete" value="delete"/> <label for="comment[<?php echo $comment->comment_ID; ?>]-delete"><?php _e('Delete') ?></label>
    <input type="radio" name="comment[<?php echo $comment->comment_ID; ?>]" id="comment[<?php echo $comment->comment_ID; ?>]-nothing" value="later" checked="checked" /> <label for="comment[<?php echo $comment->comment_ID; ?>]-nothing"><?php _e('Do nothing') ?></label>
    Move the 'checked="checked"' value from 'Do nothing' to 'Delete':
    <input type="radio" name="comment[<?php echo $comment->comment_ID; ?>]" id="comment[<?php echo $comment->comment_ID; ?>]-delete" value="delete" checked="checked" /> <label for="comment[<?php echo $comment->comment_ID; ?>]-delete"><?php _e('Delete') ?></label>
    <input type="radio" name="comment[<?php echo $comment->comment_ID; ?>]" id="comment[<?php echo $comment->comment_ID; ?>]-nothing" value="later"/> <label for="comment[<?php echo $comment->comment_ID; ?>]-nothing"><?php _e('Do nothing') ?></label>
    Now the default for comments awaiting moderation is "delete", so you can clean them out with one click.

Topic Closed

This topic has been closed to new replies.

About this Topic

Tags

No tags yet.