Security problem with WP 2.1

Guntis
(@guntis)

17 years, 3 months ago

Hi,
I’ve set in the settings that anyone can post comments once he/he is registered user. However, every day I receive spam in my blog’s comment fields from the same IP address 209.160.64.236 and each comment has differnet user name and different content adn differnet link, but these user names are never registered in my blog.

Author : online-streaming radio stationsrock stations
Author : candy bouquet nebraska
Author : tavola+pace
Author : biaxin xl no prescription
etc.

So there must be some way spammers can post spam without really registering with my blog. Two suggestions:
1) add feature to block specific IP addresses;
2) improve registration autentication, so that spammers could not spam without taking real registration.

Viewing 4 replies - 1 through 4 (of 4 total)

Moderator Samuel Wood (Otto)
(@otto42)

WordPress.org Admin

17 years, 3 months ago

These are likely not comments, but trackbacks.

Install Bad Behavior and Akismet. These both block spam in different ways, and the combination of the two is mighty.

Thread Starter Guntis
(@guntis)

17 years, 3 months ago

I receive emails about comments, not about trackbacks.
Here’s email content I receive from the WP blog:

A new comment on the post #112 “Leopards dodas Vistu medībās” is waiting for your approval

http://www.adventisti.lv/blog/?p=112

Author : biaxin xl no prescription
-23 (IP: 209.160.64.236 , 209.160.64.236)

E-mail :

URL : http://mynscom.org/biaxin-xl-no-prescription/
Whois : http://ws.arin.net/cgi-bin/whois.pl?queryinput=209.160.64.236

Comment:
biaxin xl no prescription
-23

Approve it: http://www.adventisti.lv/blog/wp-admin/comment.php?action=mac&c=378

Delete it: http://www.adventisti.lv/blog/wp-admin/comment.php?action=cdc&c=378

Spam it: http://www.adventisti.lv/blog/wp-admin/comment.php?action=cdc&dt=spam&c=378

Currently 4 comments are waiting for approval. Please visit the moderation panel:
http://www.adventisti.lv/blog/wp-admin/moderation.php

Moderator Samuel Wood (Otto)
(@otto42)

WordPress.org Admin

17 years, 3 months ago

I receive emails about comments, not about trackbacks.

Actually, you receive emails about both. Trackbacks look just like comments, for the most part. They just come in through a different door.

Doodlebee
(@doodlebee)

17 years, 3 months ago

I receive emails about comments, not about trackbacks.

Exactly what Otto said – if you’re set to receive emails about new comments, you will also receive them on trackbacks. (I get them all the time.) Te email notification to you is the same either way.

Definitely get yourself some Bad Behavior – it’s a nice little plugin that plays well with Akismet.

Viewing 4 replies - 1 through 4 (of 4 total)

The topic ‘Security problem with WP 2.1’ is closed to new replies.

Security problem with WP 2.1

Topics

Topics with no replies

Non-support topics

Resolved topics

Unresolved topics

All topics