Closed Comment Was Posted To- How?

  • A post that has been closed on my blog for over two years was commented on recently and for the life of me I can figure out how. Because I moderate all new commenters it didn’t actually show up in the post, but how they able to do that when no comment box is visible baffles me and worries me.

    I am running WP 2.9.1 and any help solving this issue would be greatly appreciated.

Viewing 2 replies - 1 through 2 (of 2 total)

  • I just tested this on my own site and found a bug that allows tech-savvy users to create comments for any post on your site if they know the post ID. While there’s no immediate fix for this, the safest thing to do is make sure you’re not using the default permalink setup (blog.url/?p=102) because this exposes your post ID to the user.

    To change your permalinks log in to your site and go to Settings >> Permalink.

    I’m also reporting this to the dev community so we can start working on a fix.

    Thread Starter Newchik

    (@newchik)

    Hi- thanks for your reply. I am not using the default permalink structure- will await a fix.

    Thanks so much- my main concern is that it wasn’t a security issue for my site ??

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Closed Comment Was Posted To- How?’ is closed to new replies.

Tags