WordPress.org

Ready to get started?Download WordPress

Forums

WP Photo Album Plus
[resolved] SPAM comments on "slideonly" album (6 posts)

  1. J R BERNSTEIN
    Member
    Posted 1 year ago #

    Hello,

    I've just found a significant problem with my site. In the last week I've gotten over 2100 SPAM comments on an album on my main page that uses the shortcode:

    [wppa type="slideonly" album="2" align="right"][/wppa]

    When you type the URL in normally, everything looks fine. It's just a basic slide-show with nothing else, but when you type in:

    http://my-website-url.net/?wppa-album=2&wppa-occur=1&wppa-photo=1

    You get a full slide-show with all the thumbnails and navigation and commenting!

    I don't want to disable commenting entirely, because I use it on other (password protected) galleries.

    Is there a way to avoid this problem?

    Thank you for your hard work!

    http://wordpress.org/extend/plugins/wp-photo-album-plus/

  2. J R BERNSTEIN
    Member
    Posted 1 year ago #

    ...this also brings to light how insecure my "password protected" galleries are.

  3. Jacob N. Breetvelt
    Member
    Plugin Author

    Posted 1 year ago #

    You can do the following:

    - enable the ( very simple, but better then nothing ) captcha in Table VII-B9

    - set spam lifetime Table VII-B10

    - enable commenting login Table IV-F1

    - enable comment moderation Table IV-F3

  4. J R BERNSTEIN
    Member
    Posted 1 year ago #

    Thanks for the reply.

    Sorry for my lack of knowledge on the subject, but I don't suppose there's any way to disable someone from accessing the gallery directly from the URL (as above)? I.e., if someone were to "type http://my-website-url.net/?wppa-album=2&wppa-occur=1&wppa-photo=1", that would give them a 404 error or 403 error, etc. Is that possible?

    I had wanted some password protected galleries (each client would have their own private protected gallery) and some public galleries. I had thought that simply password protecting my WP page would accomplish this, but right now, anyone can access any of my galleries and all of the features just by manipulating the URL.

  5. Jacob N. Breetvelt
    Member
    Plugin Author

    Posted 1 year ago #

    That is correct. The files in wp-content/uploads/... must be readable anyway so you can always type a link in the browser address line like http://beta.opajaap.nl/wp-content/uploads/wppa/1692.jpg and see the image.

  6. worldwidej
    Member
    Posted 6 months ago #

    I am also looking for a way to hide spam comments from being automatically uploaded. I´d prefer the normal comment section way (on pages in general), where I can admin-control every comment and have to accept it before being published.

    Unfortunately none of the tables mentioned above 7 months ago are exiting in WP Photo Album 5.2.6, neither those in Table VII nor in Table IV.

    Where can I find those kind of settings now?

Topic Closed

This topic has been closed to new replies.

About this Plugin

About this Topic