WordPress.org

Forums

URL removed from comment form, still get in comments (4 posts)

  1. Matt Knowles
    Member
    Posted 5 years ago #

    Because it was only being used by spammers, I removed the URL field from the comment entry form on my blog.

    But I still keep getting entries that when I go to moderate them, the URL field contains an entry.

    Any way to prevent spammers from doing whatever they are doing to submit comments without using the comment form?

  2. Safirul Alredha
    Member
    Posted 5 years ago #

    What do u want actually? Don't want any URL to be submitted and inserted to the database at all?

  3. Matt Knowles
    Member
    Posted 5 years ago #

    I've removed the URL field from the form that visitors can use. So there's no place for spammers to enter the URL.

    Even though there is no longer a field for them to fill in, I get submitted comments to moderate that have the URL field filled in. That leads me to believe that they aren't using the form on my web site to submit the comments.

    Seems like a big security hole that I'd like to close.

    Here's the URL for the blog entry:

    http://www.vpa.org/wp/2010/02/the-roses-are-reappearing/

    Here's the email I recieved:

    A new comment on the post #4 "The Roses are Reappearing" is waiting for your approval
    http://www.vpa.org/wp/2010/02/the-roses-are-reappearing/

    Author : Yadira Wrape (IP: 82.40.173.110 , cpc12-chap3-0-0-cust109.aztw.cable.virginmedia.com)
    E-mail : Ardis89@gmail.com
    URL : http://www.tenlist.com/concrete-cleaning/oakland-CA/
    Whois : http://ws.arin.net/cgi-bin/whois.pl?queryinput=82.40.173.110
    Comment:
    Hello! I found your site quite by mistake and it worked out great. This is very interesting an dI will be back for more. Thanks.

  4. Chris_K
    Member
    Posted 5 years ago #

    Spammers don't always actually visit your site and use your forms. They just "post" in the comment. I wouldn't call it a huge security hole as it is kinda how the web works with respect to submitting web forms.

    Have you looking into any anti-spam measures? I find Akismet and Bad Behavior work well at stopping such things.

Topic Closed

This topic has been closed to new replies.

About this Topic