[wp-hackers] Comment spam floods?
Ryan Boren
ryan at boren.nu
Sun Nov 28 04:00:05 UTC 2004
On Sat, 2004-11-27 at 22:43 -0500, Ryan Duff wrote:
> On Saturday, November 27, 2004 7:28 PM Alistair Young wrote:
>
> > Is there something wrong with wp 1.2.1? nothing seems to work
> > properly for
> > configuration:
> >
> > 1) getting spammed sensless via comments - disable comments -
> > they still come through. They even come through on new posts
> > where comments have never been enabled
>
> Thanks for bringing this up, I noticed this the other day on my 1.2.1 test
> blog. I had made some test posts and deleted them. If I tried to go to them,
> I'd get a "no matches" response, but I kept getting notified that comments
> were being left on them. This set off a red flag as to how comments could be
> left on posts no longer in the database. They could no longer be visited, so
> how were comments able to be left on them. I also turned off comments and
> still got comments. I think we may need to take a look at the code, seems
> like there might be a flaw that lets spam bots keep spamming, the only thing
> is, they don't get any exposure anyway because the post can't be seen by
> anybody else. Has anyone else noticed this?
You can get a fixed wp-comments-post.php for 1.2.1 here:
http://cvs.sourceforge.net/viewcvs.py/*checkout*/cafelog/wordpress/wp-
comments-post.php?rev=1.11.4.4
More information about the hackers
mailing list