Support » Plugins and Hacks » How do spammers post comments to WordPress blogs?

  • We modified our theme’s comment form to remove the URL field – partly because users were putting junk in there, and partly to deter spammers.

    However, we’re still getting loads of spam comments – and in the WordPress dashboard, I can see that many of the comments have a URL attached. Obviously these spam comments are being posted through a mechanism other than the comment form. Are they hitting comments.php or wp-comments-post.php directly?

    I’d love some insight into this, because I’m looking for ways to thwart this type of spamming at source. Like, for example, my Nginx based translation of the “no referer spam” rules:

    location /wp-comments-post\.php {
                    valid_referers *;
                    if ($invalid_referer) {
                            return 403;

    Any thoughts?

Viewing 1 replies (of 1 total)
Viewing 1 replies (of 1 total)
  • The topic ‘How do spammers post comments to WordPress blogs?’ is closed to new replies.