How do spammers post comments to WordPress blogs? (2 posts)

  1. GerryBot
    Posted 4 years ago #

    We modified our theme's comment form to remove the URL field - partly because users were putting junk in there, and partly to deter spammers.

    However, we're still getting loads of spam comments - and in the WordPress dashboard, I can see that many of the comments have a URL attached. Obviously these spam comments are being posted through a mechanism other than the comment form. Are they hitting comments.php or wp-comments-post.php directly?

    I'd love some insight into this, because I'm looking for ways to thwart this type of spamming at source. Like, for example, my Nginx based translation of the "no referer spam" rules:

    location /wp-comments-post\.php {
                    valid_referers *.example.com example.com;
                    if ($invalid_referer) {
                            return 403;

    Any thoughts?

  2. Samuel B

    Posted 4 years ago #

    Are they hitting comments.php or wp-comments-post.php directly?


    these 2 plugins will stop all spam bots and fake comments

Topic Closed

This topic has been closed to new replies.

About this Topic