Disable Comments (Due To Spam)

WordPress doesn’t have a global way to turn off comments. Comments and ping/trackbacks are enabled or disabled on a per-post basis only.

Anyway, turning off comments is not a spam solution. Use anti-spam plugins like Akismet and Bad Behavior. These are way more effective than trying to deal with spam manually.

That’s not strictly true. Options > Discussion has several options, one of which is ‘Allow people to post comments on the article’. Unchecked, this option unchecks the corresponding box on new posts, but not old ones.

Similar posts seem to be saying that the problem could be with trackbacks rather than comments. I’m having the same issue as the OP (I’m running 2.2.3), and have just tried turning trackbacks/pings off, to see what happens.

However, it seems to me that if there are options to comprehensively turn off comments, but owners still get them from somewhere, then there is a pretty fundemental problem here. How are the spammers getting the comments into my database, and what else could they do while in there?

Gary

If you’re really sure you’re never going to want comments, anywhere, on anything (or that if you change your mind, you’ll know what to do), you can go into the theme you’re using, and delete the call for the comments section in your index.php, single.php, page.php, etc.

If the call isn’t there, they won’t show, and you won’t have to go through a ton of past posts to change them individually, it’ll just get rid of whatever’s there, and prevent anyone from adding any in the future.

Just make sure you know what you’re doing/deleting… make backups of the files, just in case you accidentally break anything.

Gary – trackbacks are created when someone links to your post – they don’t “get into the database” beyond your allowance, rather in order to prevent them from showing up you have to disable everything, and remove the call to post the trackbacks as well as comments entirely.

I also agree with Otto about simply using a spam protection plugin like SpamKarma or Akismet. It’ll be far more manageable and won’t alienate people from your blog. It makes sense to allow comments on a blog – that’s part of what a blog is about, interactivity – but if you’re not using WP for that, then I say there’s no harm in removing the call for comments in the theme code. But if that’s what you’re doing, why bother using software at all? You could just use DreamWeaver and write paragraphs… kind of silly, isn’t it?

Hi,

I thought I *had* deleted the comments-inviting code from my template files – that’s another thing that’s bugging me, I’ll check again. I’ve even turned off the option that emails me when a comment comes in, but I still get an email, which is how I know I’m getting the stuff!

I agree with you that blogs are there to allow interactivity, but no-one wants to interact with me, so it’s become more of diary site than a true blog, but with a contact form, just in case. Plus, I can update it anywhere (ish) in the world, like when I was in Canada these last few weeks. Much better than when I used to use Dreamweaver.

Gary

I guess my request was not clear: I want to disable comments completely. In other words, which PHP file do I need to delete or modify to stop commenting completely? Do any WP developers visit this forum, who can answer my simple question?

As I may have mentioned in my first post, everything dealing with commenting is turned off. In fact, it was turned off when I originally set the blog up. It NEVER has been turned on, ever. Also, ALL links to any of the commenting system were removed from the templates completely early this summer; the spambots have nothing to link to since then, but once they had my URL in their lists from earlier in the year (the commenting links were in there, but commented out…unfortunately, that is where they picked up the links *sigh* ), there is no way to get off of those lists. (Same issue with forums–I run 15+ different forums using three different forum systems, and several are on the spambot lists as well.)

So once again, which PHP file do I need to modify or delete to stop commenting? It’s a feature I don’t want, and never will want for most of the sites I’m building that use WP, as we use forums for feedback and discussion.

TIA…

you indicate you are using 2.1.3.

delete wp-comments-post.php and all attempts to comment will be forever sent to 404 land.

As I may have mentioned in my first post, everything dealing with commenting is turned off.

Then what’s the problem? You don’t need to delete anything to stop commenting completely if you’ve already actually done it.

whooami is perfectly correct, deleting that file will also stop commenting, but not anymore than you claim to have already done. When comments are off on all your posts, they are *off*. Comments cannot make it into your system if comments are disabled on all the posts.

otto! check your email!!

whooami is perfectly correct, deleting that file will also stop commenting, but not anymore than you claim to have already done. When comments are off on all your posts, they are *off*. Comments cannot make it into your system if comments are disabled on all the posts.

With respect, Otto42, that’s not what’s happening in practice for me.

Of the eight settings under Options > Discussions, the first four are off. That includes ‘Email me whenever anyone posts a comment’. Today (so far) I’ve received 20+ emails saying that someone has posted a comment.

Under Options > General, the options are set so that only registered, logged-in users can post comments. I have two registered users, me and the Admin (and I checked using phpMyAdmin, in case something had sneaked in).

Now, under Options > Discussion, I can untick the box so that I’m not notified whnever a comment is held for moderation, but it still doesn’t explain how a comment can be sent when the sender isn’t a registered user, isn’t logged in and there is no comment form for them to fill in on my templates anyway.

I will now try deleting that php file…
Gary

Probably, it is NOT comment but a trackback (TB) sent by spammer scripts that don’t really care about your settings – they just go around it and hit directly your files.
TB spam is the most common junk nowadays.

moshu is correct, these are probably not comments, they are trackbacks.

You want to disable pingbacks and trackbacks on all your posts. Go to edit each post and look in the top right corner. Expand the box there and there’s two options: one to enable pings, one to enable comments. Turn them both off.

You can see how it’s confusing… emails come in saying ‘A comment is awaiting approval’, only they’re actually pingus and trickbacks. Be nice if WordPress could say what was coming in, instead of lumping them all together as comments and causing confusion.

Even better if there was an option to turn on/off comments and suchlike for older posts as well as future ones, instead of asking the blog owner to open up phpMyAdmin and run ‘UPDATE wp_posts SET ping_status=”closed”;’ as an SQL command. Let’s hope that works!

Gary

Agreed. The notification email already makes that distinction, but the moderation email doesn’t.

I’ve added a patch for this to the bug tracker that will make those emails a bit clearer.

https://trac.www.ads-software.com/ticket/4986

I think Moshu has it: I found another answer on here saying these spam “comments” were probably coming from trackbacks.

https://www.ads-software.com/support/topic/112756?replies=4

I’m going to try renaming that trackback PHP file and see if that stops the spamming. Otto42: thanks for adding that to the bug tracker. The e-mails I get only say I have a comment awaiting moderation. If it had specifically said it was a trackback, I wouldn’t have been chasing my tail for a month… ??

For that matter, I could apply Otto42’s diff to pluggable.php and monitor what comes through before I change anything else.

>> For that matter, I could apply Otto42’s diff to pluggable.php and monitor what comes through before I change anything else. <<

Otto42’s “da man”! Sure enough, the first moderation e-mail I received correctly identified it as a trackback. That’s good to know, since I know what to disable now.

I’m pretty sure I had pings unselected on all of my posts, but I’ll go recheck that. Maybe in a future WP version we’ll have an option to also disable pingbacks and trackbacks globally.

Thanks again, everyone!