Trackback/.comments security hole? Spam (1 post)

  1. mesocyclone
    Posted 8 years ago #

    I have been receiving comments spam even though using captcha. Research showed that the spam was entering the comments through a post, apparently to the trackback! Furthermore, there is no log entry showing the post had been read or the comment page had been brought up. The following apache log entry (time and posting name match) led to the spam comment on the related post: - - [16/Nov/2007:15:09:21 -0800] "POST /blog/2006/11/23/a-posting/trackback/ HTTP/1.0" 200 78 "-" "Track Back/1.02"


Topic Closed

This topic has been closed to new replies.

About this Topic