• It seems the auto-spammers have hit WP. They use programs like “Link Dump” to hit the wp-comments-post.php directly.
    Many of my hosting clients are getting hit with over 3-4000+ pieces of comment spam a day – – including my own blog.
    The moderation for spam is nice, including the filter list – however, when you’re getting that many spam hits in a day – you still get the emails and you still have to go in and delete the comments out of the queue — which is frustrating and timely.
    The trick is to stop them from sending the spam in the first place:
    Change the name of your wp-comments-post.php to something else – – I changed mine to something like: stopspam-post.php.
    Then in your wp-comments.php template — look for this code:
    <form action="<?php echo $siteurl; ?>/wp-comments-post.php" method="post" id="commentform">
    And change the wp-comments-post.php to the file that you renamed it to.
    For example, since I renamed my wp-comments-post.php to stopspam-post.php — that line in the wp-comments.php now looks like this:
    <form action="<?php echo $siteurl; ?>/stopspam-post.php" method="post" id="commentform">
    On a day that I was getting hit with over 4000 spam hits, the very minute I did this – it stopped and they haven’t returned. It doesn’t stop the one time spammer who actually clicks your comments link and manually enters their spam – – but those guys are easier to maintain than these autospammers.

Viewing 15 replies - 76 through 90 (of 91 total)
  • Moderator James Huff

    (@macmanx)

    They find you through the Update Services that you ping. Just look for the Update Services setting. Unfortunately, this is a rather useful setting and I won’t disable it.

    $url = trim(strip_tags($_POST['url']));
    if (strpos($url,"poker") !== false) { die("Denied");}
    if (strpos($url,"ottawavalley") !== false) { die("Denied");}
    I’ve put in a few of these lines in my wp-comments-post.php that look for those keywords in the url field. It can be attached to the other fields as well. This has killed most of the attacks I’ve gotten lately by not even getting the comment into my database. Even when the comments are changing, these guys want certain words in the URLs to get their search rankings up.
    It’d be nice if WP had a field that was keywords for moderation, and keywords to immediately kill.
    Although I’m posting this after not visiting WP for a while so maybe things have changed….
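
The keyword check from the post above, extended into the two-tier list it asks for (keywords that only hold a comment for moderation, and keywords that kill it immediately) and applied to every form field. This is an added example, not part of the original post and not WordPress code; the function name, the list contents other than the two keywords quoted above, and the field names other than `url` are assumptions.

```php
<?php
// Added example, not WordPress core code. Names and list contents are assumptions.
// Keywords that reject the comment outright vs. those that only hold it for moderation.
const KILL_WORDS     = ['poker', 'ottawavalley'];  // the two keywords from the post
const MODERATE_WORDS = ['casino'];                 // constructed sample entry

/**
 * Classify a submitted comment as 'kill', 'moderate' or 'allow'.
 * $post is the raw form array (normally $_POST).
 */
function classify_comment(array $post): string
{
    $verdict = 'allow';
    foreach (['author', 'email', 'url', 'comment'] as $field) {
        $value = $post[$field] ?? '';
        if (!is_string($value)) {
            return 'kill';  // an array where a text field is expected is malformed input
        }
        // Normalise before matching: strip tags, decode entities, lowercase.
        // A case-sensitive strpos() on the raw value misses "POKER" and "p&#111;ker".
        $value = strtolower(html_entity_decode(strip_tags($value), ENT_QUOTES, 'UTF-8'));
        foreach (KILL_WORDS as $word) {
            if (strpos($value, $word) !== false) {
                return 'kill';  // reject before anything reaches the database
            }
        }
        foreach (MODERATE_WORDS as $word) {
            if (strpos($value, $word) !== false) {
                $verdict = 'moderate';  // keep scanning: a later field may still kill
            }
        }
    }
    return $verdict;
}

// Constructed sample submissions, one per outcome.
$samples = [
    ['author' => 'Ann', 'url' => 'https://example.org/', 'comment' => 'Nice post'],
    ['author' => 'x', 'url' => 'http://best-POKER.example/', 'comment' => 'hi'],
    ['author' => 'y', 'url' => '', 'comment' => 'Visit my casino page'],
];
foreach ($samples as $sample) {
    echo classify_comment($sample), "\n";
}
```

In the comment handler, a `kill` verdict would end the request the way the post's `die("Denied")` does, and `moderate` would leave the comment in the queue.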

    Moderator James Huff

    (@macmanx)

    It is a feature in WP v1.2.x. Look in Options/Discussions. As for automatically deleting them, do a search around the forums, the solution is here.

    Thank you ever so much…this worked beautifully. I was getting hit with tons of online poker ones. Thanks!

    I tried following this stuff and renamed my files, then found nothing related to comments worked. I tracked down a few instances of the comments-popup file in the code, but I can’t seem to get comments to work. When I post a comment now I get this:
    Warning: Invalid argument supplied for foreach() in /home/thebeaut/public_html/commentpop.php on line 6
    I looked at the code and it looks fine. (“commentpop.php” is what I renamed the popup file to.) What am I missing?
    Maybe in the future you all could specify exactly where in each file we need to make changes. What’s listed on the first page of this thread seems simple enough, but once I’d gotten into the changes I found it was a LOT more complicated than it was made out to seem. Not all of us are code-junkies, you know.

    My site, by the way, is https://www.thebeautifullull.com. Thanks . . .

    Moderator James Huff

    (@macmanx)

    Yes, thanks, but I’ve already read that over and over and over – it still doesn’t clear up where exactly the file names need to be changed in the code. Like I said, I’m not a code-junkie. I changed the names of the files, then nothing worked. I looked in what files I thought might have the file-names referenced, changed the few I did find them in, and still nothing works. What I need to see is a list of what files need to be changed, and what lines of code need to be changed in each of those files.

    Macmanx, I’ve obviously already done that, seeing as I’m posting comments in that thread. What appears obvious to you is not obvious – I followed the instructions to a T and nothing worked. I made a few desperate changes in the code of several files to reflect the name change for the popup file and comments still do not work right.
    At the moment I am VERY frustrated and very disappointed with WordPress, and, consequently, very sorry I switched from Pmachine – I never, ever had comment spam, not once with Pmachine. Now I’m hand-deleting hundreds of comment-spam each day and at the moment have no comments at all because of the changes I’ve made. All I’m asking for is a detailed instruction set for what names to change where in what files. Shouldn’t someone out there put together a step-by-step process for making this change, written at a very, very basic level, to be included with the WordPress download so users never have a problem with unwanted spam from the start?

    Macmanx, that is exactly what I needed! Thank you! I’m out of time this morning but I’ll do this tonight and see how it works. I think I can actually fix the files I have rather than re-upload them, as I tried to make note of what files I changed. But if not, I’ll have a project to keep me busy this weekend . . .

    thx for the rename-advice. simple, but effective..!

    Moderator James Huff

    (@macmanx)

    Glad I could be of assistance.

    I sent this e-mail to him and it stopped within a few days:
    ‘Recently I’ve been experiencing an abnormal amount of spam on my blog, fallingbullets.com. Of course, the spam is filled for a casino program, hosted at *****. Looking up the WHOIS records, I found the following info:
    E-mail:
    [email protected]
    Yukkii
    3 Connell Dr.
    Berkeley Heights, NY 07922
    Telephone:
    1 (908) 234-2243
    So, this all comes to you. I am asking you to reply to this e-mail, informing me that you will stop spamming my server (your spamming tactic doesn’t work anymore anyways, you’ve been blacklisted). And you WILL stop spamming my server. You’re filling up my logs with ridiculous amounts of false hits. This takes time and effort to clean up, which results in true monetary loss.
    And that’s where the law comes in. Because I have suffered loss, the law will step in on my behalf. California, as you know, has stringent laws regarding spam. My server is hosted within California, so the California anti-spam laws apply.
    I’ve contacted the Electronic Frontier Foundation as well as legal representatives for https://spam.abuse.net/ and they both are willing to aid me if you do not discontinue spamming my server.
    If you do not reply to this e-mail within a reasonable amount of time, I will pursue action.
    -Tyson
    Webmaster of fallingbullets.com entropymag.net and iotapi.com’
    Of course, I never contacted the EFF nor did I have a lawyer.

    Ooops. Backticks. Not apostrophes. Sorry!

    Instead of deleting wp-comments-post.php after changing the name to something else, you could actually use it to be pro-active.
    Use the above technique of making a new, renamed copy of your wp-comments-post.php. Then edit the original wp-comments-post.php to redirect spambots away from your site. It’ll end the 404 barrage and, if the spambots work like a search engine bot (most research suggests they PROBABLY do), then they may learn to never come back to your site.
    So…
    1. Follow the above procedure from macmanx, but don’t delete wp-comments-post.php.
    2. Edit wp-comments-post.php to include ONLY the below, nothing else:
    <?php
    header("HTTP/1.1 301 Moved Permanently");
    header("Location: https://www.cnn.com/");
    ?>
    3. Upload to your server as wp-comments-post.php.
    What happens? When a spambot goes looking for wp-comments-post.php it will find it, but the 301 redirect rule tells the bot that the page has moved PERMANENTLY to https://www.cnn.com. Thus the bot will follow the redirect, winding up on https://www.cnn.com/ and leaving your WP blog alone.
    Of course you can change the redirect location to any valid location–if it isn’t valid, you’ll cause your server troubles. I used CNN rather than some kind of anti-spam organization for two reasons: First, such organizations are usually small and can’t handle the extra bandwidth, however little it may be; besides, I certainly don’t want to risk them having a WP blog. And, second, spambots might have internal protections against being redirected to known dangerous targets or URIs with certain words in them.
    Want to see how it works? Visit here: https://quarkvsindesign.com/news/wp-comments-post.php

  • The topic ‘Comment Spam’ is closed to new replies.