[wp-hackers] Comment spam floods?

Alistair Young alistair at smo.uhi.ac.uk
Mon Nov 29 10:06:40 UTC 2004


thanks for that - it destroyed my blog! When I copied it over, all 
posts disappeared apart from the first one!
Alistair

On 28 Nov 2004, at 04:00, Ryan Boren wrote:

> On Sat, 2004-11-27 at 22:43 -0500, Ryan Duff wrote:
>> On Saturday, November 27, 2004 7:28 PM Alistair Young wrote:
>>
>>> Is there something wrong with wp 1.2.1? nothing seems to work
>>> properly for
>>> configuration:
>>>
>>> 1) getting spammed sensless via comments - disable comments -
>>> they still come through. They even come through on new posts
>>> where comments have never been enabled
>>
>> Thanks for bringing this up, I noticed this the other day on my 1.2.1 
>> test
>> blog. I had made some test posts and deleted them. If I tried to go 
>> to them,
>> I'd get a "no matches" response, but I kept getting notified that 
>> comments
>> were being left on them. This set off a red flag as to how comments 
>> could be
>> left on posts no longer in the database. They could no longer be 
>> visited, so
>> how were comments able to be left on them. I also turned off comments 
>> and
>> still got comments. I think we may need to take a look at the code, 
>> seems
>> like there might be a flaw that lets spam bots keep spamming, the 
>> only thing
>> is, they don't get any exposure anyway because the post can't be seen 
>> by
>> anybody else. Has anyone else noticed this?
>
> You can get a fixed wp-comments-post.php for 1.2.1 here:
>
> http://cvs.sourceforge.net/viewcvs.py/*checkout*/cafelog/wordpress/wp-
> comments-post.php?rev=1.11.4.4
>
>
>
>
> _______________________________________________
> hackers mailing list
> hackers at wordpress.org
> http://wordpress.org/mailman/listinfo/hackers_wordpress.org




More information about the hackers mailing list