Hi Everyone, I've searched through the forum extensively on malicious comments and there's not been much action to date apart from one thread here:
PERMANENTLY SAVE MALICIOUS COMMENTS
Here's the focus of this post: "If someone has written a malicious comment on your WP blog and it's held in the moderation queue, surely it's wise to save it permanently!"
My POV is that if someone sends you a really malicious comment, you don't want to delete it at all, because it contains the IP address and date/time stamp, in addition to the offending text. This is valuable information for law enforcement agencies. (OK, IP addresses can be faked... but it may not be.)
ARE SPAM COMMENTS PERSISTENT?
At the moment, the only real solution is to mark the malicious comments as Spam, so they will be saved to the database. It seems WP does not purge comments out of the wp_comments table that have been marked as Spam:
Unless the WP code has been modified or you're running any plugins that purge spam entries in wp_comments, then they stay there. Still true?
But, it's inelegant, because if you have decided to keep spam that's got through your Spam Karma 2, Akismet and Bad Behaviour plugins, then it's mixed in with malicious comments. SQL queries are not so easy.
Additionally, you may decide at some future date to run a plugin that purges all comments flagged as spam out of your wp_comments table. If you do that, you wipe out all the malicious comments as well. Not a clever move!
So, saving malicious comments in wp_comments is just a temporary workaround.
NEW EDIT CHOICE - MALICIOUS
I think there's a need for an additional comment action in moderation.php, which would be to archive the comment, but to tag it as evil/malicious. The action is exactly the same as Spam but it would be tagged as evil/malicious in wp_comments and therefore so much easier to query in MySQL.
If the action is displayed by moderation.php as Evil/Malicious, it's easier for users to understand its purpose (and easier for the support forum). This makes it abundantly clear that you're tagging the comment as seriously bad news that may require further action.
So the comment actions list would look like this:
DT Stamp - [ Edit | Delete | Unapprove | Spam | Malicious ]
In wp_comments, the comment_approved field would be: enum('0', '1', 'spam', 'evil'), whatever...
I think it would be a relatively simple mod to make, the funcs are already there for Spam. But it would make a great sensible addition for anyone who wants to keep malicious comments should they need to go to a law enforcement agency... But let's hope it will never happen to you!
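
The workaround described in this post leaves flagged comments exposed to any later spam purge. As an added example (not part of the original post and not WordPress core code), the MySQL below copies chosen comments into a separate table with a SHA-256 digest so they survive a purge and can be checked for later changes. It assumes the default `wp_` table prefix and the stock `wp_comments` columns; the table name `wp_comments_evidence` and the comment IDs are hypothetical.

```sql
-- Added example: archive selected comments outside wp_comments.
-- wp_comments_evidence is a hypothetical table name, not part of WordPress.
CREATE TABLE IF NOT EXISTS wp_comments_evidence (
    comment_ID           BIGINT UNSIGNED NOT NULL PRIMARY KEY,
    comment_post_ID      BIGINT UNSIGNED NOT NULL,
    comment_author       TINYTEXT,
    comment_author_email VARCHAR(100),
    comment_author_url   VARCHAR(200),
    comment_author_IP    VARCHAR(100),
    comment_date_gmt     DATETIME,
    comment_agent        VARCHAR(255),
    comment_content      TEXT,
    original_status      VARCHAR(20),        -- value of comment_approved when archived
    archived_at_utc      DATETIME NOT NULL,
    content_sha256       CHAR(64) NOT NULL   -- digest over IP, timestamp and text
);

-- Copy the comments to keep. INSERT IGNORE leaves an already archived row
-- untouched, so re-running this never overwrites the first capture.
INSERT IGNORE INTO wp_comments_evidence
SELECT comment_ID, comment_post_ID, comment_author, comment_author_email,
       comment_author_url, comment_author_IP, comment_date_gmt, comment_agent,
       comment_content, comment_approved, UTC_TIMESTAMP(),
       SHA2(CONCAT_WS('|', comment_author_IP, comment_date_gmt, comment_content), 256)
FROM wp_comments
WHERE comment_ID IN (1041, 1042);            -- constructed IDs; use your own

-- Integrity check: intact = 1 means the archived row still matches its digest.
SELECT comment_ID, comment_author_IP, comment_date_gmt,
       content_sha256 = SHA2(CONCAT_WS('|', comment_author_IP, comment_date_gmt,
                                       comment_content), 256) AS intact
FROM wp_comments_evidence
ORDER BY comment_date_gmt;

-- Spam rows in wp_comments that are not archived yet, i.e. what a purge would lose.
SELECT c.comment_ID, c.comment_author_IP, c.comment_date_gmt
FROM wp_comments c
LEFT JOIN wp_comments_evidence e ON e.comment_ID = c.comment_ID
WHERE c.comment_approved = 'spam' AND e.comment_ID IS NULL;
```

Record the digests somewhere outside the database (for example in a dated export) so a later change to the archive table itself can be detected.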