Support » Fixing WordPress » Spam bypassing comment registration?

  • I have a site up and running where I’m requiring users to register before being able to post comments. I’ve tested this and it’s set up correctly, users are not given a comment box until they’re logged in.

    However, I have spam comments coming through, these are not being posted by members. How are these comments sliding through if I’m not allowing this?

    As a safeguard I turned off trackbacks as I read elsewhere that there may be a bug which allows spammers to send through comments this way, but to no avail as I’ve received more spam since doing so.

    This isn’t about the spam per se (as I’ll get Akismet running) but I’m wondering/concerned that there may be a larger issue if spammers can bypass these settings in WordPress 3.0.

    Any solutions to this? Is this a bug?

Viewing 4 replies - 1 through 4 (of 4 total)
  • govpatel


    You will find answer to your problem here as some else has the same problem

    Hello, thanks for the reply but that’s not the issue. These are not spam bots that are registering, I’m monitoring my registrations closely and am using a double-opt in email verification to keep bots from gaining access.

    This issue is that bots are able to post comments without registering, which they should not be able to do since I’ve set it up in Settings > Discussion “User must be registered and logged in to comment.” How are they bypassing this? Thoughts? Bug?

    Chip Bennett


    Theme Review Admin

    Try blocking no-referrer spam in .htaccess. Spam bots will simply submit $_POST data to comments.php, completely bypassing your comments template markup.

    Chip, thanks! This make sense and appears to be a solid solution to this problem. I’ve added the necessary code to my .htaccess file and will continue to monitor the situation.

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘Spam bypassing comment registration?’ is closed to new replies.