WordPress.org

Support

Support » Plugins and Hacks » [Plugin: Disqus Comment System] Disqus should disable POSTing of comments to built-in comments (patc

[Plugin: Disqus Comment System] Disqus should disable POSTing of comments to built-in comments (patc

  • Today I got a comment POSTed by a spam bot straight into /wp-comments-post.php, even though Disqus was enabled. The bot knew how to post new comments even if no form is available – it’s very simple to do by using a manual POST request.

    When Disqus is enabled, it should disable the built-in comment system, as all comments should go through the Disqus JS form.

    I have created a patch which uses the dsq_can_replace() logic to determine if Disqus is enabled and tested it on a development site with Disqus enabled and disabled. When Disqus was enabled, it has successfully errored out with a 500 error and an explanation. When Disqus was disabled, it allowed the comment to go through.

    I will post the pull request in a minute.

    http://wordpress.org/extend/plugins/disqus-comment-system/

Viewing 1 replies (of 1 total)
Viewing 1 replies (of 1 total)
  • The topic ‘[Plugin: Disqus Comment System] Disqus should disable POSTing of comments to built-in comments (patc’ is closed to new replies.