[wp-hackers] New Comment Whitelist Plugin
Kitty
kitty at mookitty.co.uk
Wed Jun 23 10:24:06 UTC 2004
On Wed, 2004-06-23 at 01:43, Zarniwoop wrote:
> Does it mean that I can use another ones email address to auto-approve
> my comment if he is on your whitelist? Getting someones email should
> be a minor problem because WP shows the comment author's webpage where
> I normally can find his email address he uses on the web.
>
> I wouldn't do this, but is it possible?
Sure it's possible! A spammer could run a dictionary attack on your site
to find an email address that works. Nothing can prevent a dedicated
spammer, but most are just bots, and that's what I'm looking to toss
into the mod queue. And since there's no warning, they won't know why
the comment didn't show, and assume that all comments are modded, and
move on to an easier site to vandalise. Which is what we want :)
Stay tuned for v.1.1 that filters for ping/trackback comments.
--
Cheers!
Kitty <kitty at mookitty.co.uk>
http://blog.mookitty.co.uk/
http://mookitty.co.uk/devblog/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : /pipermail/hackers_wordpress.org/attachments/20040623/28b4ac90/attachment.bin
More information about the hackers
mailing list