[wp-trac] [WordPress Trac] #60161: Comments on pages where comments are not allowed

WordPress Trac noreply at wordpress.org
Thu Feb 15 06:23:33 UTC 2024


#60161: Comments on pages where comments are not allowed
-------------------------------------------------+-------------------------
 Reporter:  is0ph                                |       Owner:  (none)
     Type:  defect (bug)                         |      Status:  new
 Priority:  normal                               |   Milestone:  Awaiting
                                                 |  Review
Component:  Comments                             |     Version:  6.4.2
 Severity:  normal                               |  Resolution:
 Keywords:  needs-screenshots needs-testing-     |     Focuses:
  info                                           |
-------------------------------------------------+-------------------------

Comment (by gcctfnse92):

 It's concerning to hear that you're receiving comment moderation requests
 on a page where comments are not allowed. This issue could potentially be
 caused by a misconfiguration or a security vulnerability on your website.
 Here are some steps you can take to investigate and address the problem:

 1. **Review Comment Settings**: Double-check the comment settings in your
 WordPress dashboard to ensure that comments are indeed disabled for the
 Privacy Policy page. Go to Settings > Discussion and make sure the "Allow
 people to post comments on new articles" option is unchecked.
 Additionally, verify that individual pages have comments disabled in their
 settings.

 2. **Check Page Settings**: Go to the Privacy Policy page in your
 WordPress dashboard and confirm that comments are disabled for this
 specific page. In the page editor, scroll down to the Discussion meta box
 and make sure the "Allow comments" option is unchecked.

 3. **Inspect Comment Form**: Review the HTML source code of the Privacy
 Policy page to see if there's a comment form present. It's possible that a
 plugin or theme is overriding the default behavior and allowing comments
 on this page. Look for any code related to comments or comment forms.

 4. **Review Plugins and Themes**: Evaluate any plugins or themes installed
 on your website that could potentially affect comment functionality.
 Disable any plugins that are related to comments or moderation, and switch
 to a default WordPress theme (such as Twenty Twenty-One) to see if the
 issue persists.

 5. **Security Audit**: Conduct a security audit of your website to
 identify any potential vulnerabilities that could be exploited to bypass
 comment settings and submit unauthorized comments. Look for any suspicious
 activity or unusual patterns in your website's access logs.

 6. **Monitor Comment Activity**: Keep an eye on comment moderation
 requests and monitor for any recurring patterns or suspicious behavior.
 This can help you identify the source of the unauthorized comments and
 take appropriate action to prevent them in the future.

 7. **Contact Hosting Provider**: If you're unable to identify the cause of
 the issue or if you suspect a security breach, consider contacting your
 hosting provider for assistance. They may be able to provide additional
 insights or help you investigate further.

 By following these steps and conducting a thorough investigation, you
 should be able to identify the cause of the issue and take appropriate
 measures to prevent unauthorized comments on your Privacy Policy page. If
 you continue to experience problems, consider reaching out to a WordPress
 developer or security expert for further assistance.

-- 
Ticket URL: <https://core.trac.wordpress.org/ticket/60161#comment:8>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform


More information about the wp-trac mailing list