• I am trying to figure out how the spambots work. Am I correct in assuming that the only place that WordPress inserts comments is in
    wp-comments-post.php:

    $wpdb->query("INSERT INTO $tablecomments
    (comment_post_ID, comment_author, comment_au ….

    If so, and if I insert a function that checks for forbidden words like ‘holdem’ in this very file, and if this filter discards every manual post that I test it on before the execution reaches the insert into the comment table, then how in heaven’s name is the spambot still able to insert comments with the forbidden words into my comment table? I don’t see how it can skip across my function, which is invoked just before the insert. It seems as though it does the insert without using the WordPress insert function. Is there another insert function somewhere else? Or else what is going on?

    I can’t see how it can insert comments directly into the WordPress DB without going thru this code segment? What am I missing?

Viewing 3 replies - 1 through 3 (of 3 total)
  • Moderator James Huff

    (@macmanx)

    You aren’t missing anything. What you’re asking for has been done, many times. WordPress itself uses a keyword blacklist, which catches all comments with certain words and holds them for approval. There are several other hacks which just kill the comments with matching words.

    https://www.ads-software.com/support/topic.php?id=22659
    https://www.ads-software.com/support/topic.php?id=22774
    https://www.tamba2.org.uk/wordpress/spam/
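
The hold-versus-discard keyword check described in the reply above, as an added example (not WordPress's code and not taken from any of the linked hacks); the word lists, field names and function names are hypothetical. It logs every decision, so a comment that shows up in the table with no matching log line is known not to have passed through the check.

```php
<?php
// Added example, not WordPress code. Word lists, field names and
// function names are hypothetical; sample submissions are constructed.

const DISCARD_WORDS = ['holdem'];          // comments with these are dropped
const HOLD_WORDS    = ['casino', 'poker']; // comments with these await approval

/**
 * Return the first listed word found in any submitted field, or null.
 * Matching is case-insensitive and covers every field, because the spam
 * text can sit in the author name or URL as well as in the comment body.
 */
function find_listed_word(array $fields, array $words): ?string
{
    $haystack = strtolower(implode("\n", $fields));
    foreach ($words as $word) {
        if ($word !== '' && strpos($haystack, strtolower($word)) !== false) {
            return $word;
        }
    }
    return null;
}

/** Decide what to do with a comment ('discard', 'hold' or 'accept') and log it. */
function screen_comment(array $fields): string
{
    if (($hit = find_listed_word($fields, DISCARD_WORDS)) !== null) {
        $decision = 'discard';
    } elseif (($hit = find_listed_word($fields, HOLD_WORDS)) !== null) {
        $decision = 'hold';
    } else {
        $decision = 'accept';
    }
    // One log line per decision, tagged with the script that handled the request.
    $script = $_SERVER['SCRIPT_NAME'] ?? 'unknown';
    error_log(sprintf('comment-screen script=%s decision=%s word=%s', $script, $decision, $hit ?? '-'));
    return $decision;
}

// Constructed sample submissions.
$samples = [
    ['author' => 'Ann', 'url' => '', 'content' => 'Nice post.'],
    ['author' => 'Texas HOLDEM', 'url' => '', 'content' => 'hi'],
    ['author' => 'Bob', 'url' => 'http://example.com/casino', 'content' => 'hello'],
];
foreach ($samples as $fields) {
    printf("%-8s %s\n", screen_comment($fields), $fields['author']);
}
```
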

    Thread Starter lennartf

    (@lennartf)

    Thanx! I realize that others have already written hacks for this and I have looked at their code. I am just trying to understand the original code.

    I enter a spam message in a comment field and my filter stops it in the wp-comments-post.php file before it can be inserted in the DB. Then a few minutes later a real spammer inserts the identical message 40 times, passing right thru my spam filter. So he doesn’t seem to be executing my code, which demonstrably stops any comment with the word ‘holdem’. I am just mystified. But if the only DB insert happens in the wp-comments-post.php file then I should be able to stop him.

    Moderator James Huff

    (@macmanx)

    Yep, the only insert is in wp-comments-post.php, hence the “complete” way to deactivate comments is to delete wp-comments-post.php. As for your filter, I’d suggest contacting one of the filter authors and asking for a more in-depth explanation of how they did it, or just use their code.

  • The topic ‘Spam and WP comment architecture’ is closed to new replies.