• Resolved 9puzzle

    (@ashujun)


    Untitled
I have been receiving these comments for the last 1 month.
/**/UNION/**/ALL/**/SELECT/**/79,79,79,79,79,79,CONCAT(CONCAT('qvpqq','mMhEZneMUd'),'qpjqq')--/**/lEfC
Can someone help me with this?

Viewing 4 replies - 1 through 4 (of 4 total)
  • Hi,
Yes, it’s a kind of SQL injection attack. You can defend your site against such kinds of attacks with a firewall. The easiest way is to install a defence plugin like BBQ Firewall.
    It’s a lightweight, but efficient firewall against bad requests.

    Thread Starter 9puzzle

    (@ashujun)

Thank you @newsarena, I thought Wordfence could block such requests.
I am installing BBQ Firewall right away.

    I see that these comments come from the same IP address. You can block it via comment options in WP Admin Dashboard – Options – Comments – Comment Blocklist.
    And of course you can use Wordfence to block this IP. You can search it in Live Traffic logs then block it.
Keep in mind that after you block an IP in Live Traffic, you then have to go to the Blocking section in Wordfence and mark it for Permanent block.

    • This reply was modified 2 years, 4 months ago by NewsArena.
    Plugin Support wfpeter

    (@wfpeter)

    Hi @ashujun, thanks for contacting us.

    You could also try disabling XML-RPC which might be allowing comments through that are posted to your site. The comments themselves do look like SQL injection attempts, which may at some point have worked with certain vulnerable plugins/WP versions but are clearly just being treated as plain text in this case (as they should.)

“Disable XML-RPC authentication” appears in Wordfence > Login Security > Settings. You can also block this route entirely using .htaccess, provided you don’t use the WordPress app or a plugin that requires it such as Jetpack:

# Block WordPress xmlrpc.php requests
# (Apache 2.2 syntax; on Apache 2.4 without mod_access_compat use "Require all denied" instead of the two lines below)
<Files xmlrpc.php>
order deny,allow
deny from all
</Files>

    Thanks,

    Peter.
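The replies above identify the comment as a SQL injection probe (comment-obfuscated UNION SELECT with CONCAT markers) and note that the probes come from a single IP. The following is an added example, not code from this thread, Wordfence, or BBQ Firewall: it normalises comment text the way a reviewer would (stripping the `/**/` inline comments used as whitespace, collapsing spaces, lowercasing), matches a few injection-probe patterns, and then groups flagged comments by author IP so a site owner can see which addresses are worth adding to the comment blocklist. The sample records, their IP addresses (documentation ranges) and the rule names are constructed for the example.

```python
import re
from collections import Counter

# Constructed sample comment records: the first mirrors the probe quoted in
# the thread, the second is another classic probe, the rest are benign.
SAMPLE_RECORDS = [
    {"author_ip": "203.0.113.10",
     "content": "/**/UNION/**/ALL/**/SELECT/**/79,79,79,79,79,79,"
                "CONCAT(CONCAT('qvpqq','mMhEZneMUd'),'qpjqq')--/**/lEfC"},
    {"author_ip": "203.0.113.10", "content": "' OR 1=1 -- "},
    {"author_ip": "198.51.100.7", "content": "Great post, thanks for sharing!"},
    {"author_ip": "198.51.100.8",
     "content": "I tried to SELECT a plan but union of both options is best"},
]

INLINE_COMMENT = re.compile(r"/\*.*?\*/", re.S)   # /**/ used in place of spaces
WHITESPACE = re.compile(r"\s+")

def normalize(text):
    """Remove SQL inline comments, collapse whitespace and lowercase so that
    obfuscated probes and plain ones look the same to the rules below."""
    without_comments = INLINE_COMMENT.sub(" ", text)
    return WHITESPACE.sub(" ", without_comments).strip().lower()

# Rule names are hypothetical labels chosen for this example.
RULES = [
    # UNION [ALL] SELECT is the column-probing shape seen in the thread.
    ("union_select", re.compile(r"\bunion\b(?:\s+all)?\s+select\b")),
    # CONCAT(...) with random string markers is used to spot reflected output.
    ("concat_call", re.compile(r"\bconcat\s*\(")),
    # A trailing "--" comments out the rest of the original query.
    ("comment_terminator", re.compile(r"--\s*\S*$")),
    # OR x=y tautologies, e.g. "or 1=1".
    ("tautology", re.compile(r"\bor\b\s+\S+\s*=\s*\S+")),
]

def classify(comment):
    """Return the matched rule names and a verdict. A UNION SELECT on its own
    is enough; otherwise two independent indicators are required, which keeps
    prose that merely ends in "--" or mentions "union" from being flagged."""
    norm = normalize(comment)
    hits = [name for name, rx in RULES if rx.search(norm)]
    suspicious = ("union_select" in hits) or len(hits) >= 2
    return {"normalized": norm, "hits": hits, "suspicious": suspicious}

def suspicious_ips(records, threshold=2):
    """IPs with at least `threshold` suspicious comments, most active first.
    These are candidates for the WP comment blocklist / Wordfence blocking."""
    counts = Counter(r["author_ip"] for r in records
                     if classify(r["content"])["suspicious"])
    return [ip for ip, n in counts.most_common() if n >= threshold]

if __name__ == "__main__":
    for rec in SAMPLE_RECORDS:
        result = classify(rec["content"])
        print(rec["author_ip"], result["suspicious"], result["hits"])
    print("block candidates:", suspicious_ips(SAMPLE_RECORDS))
```

Run against the constructed records, the two probes from 203.0.113.10 are flagged, the two benign comments are not, and that single address is returned as a block candidate. In a real deployment the records would come from the `wp_comments` table (`comment_author_IP`, `comment_content`) or from a comment moderation hook, and the threshold should be tuned to the site's traffic.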

  • The topic ‘Receiving weird comments (maybe sql injection)’ is closed to new replies.