still spam after upgrade from 2.1.2 to 2.1.3

I’ve found the Akismet plugin blocks the vast majority of spams – I’ve had 23,000+ spams and only about three went through thus far. It’s a phenomenal plugin.

The 2.1.2 to 2.1.3 upgrade wasn’t intended to fix spam problems, to my knowledge.

That would be Trackback spam. Not something addressed by a security release.

What follows is a standard message that should help:

Install and activate Akismet or Spam Karma 2. Then install and activate Bad Behavior.

https://akismet.com/
https://unknowngenius.com/blog/wordpress/spam-karma/
https://homelandstupidity.us/software/bad-behavior/

For those who struggle with the Akismet directions: https://wordpress.com/api-keys/

See also the Combating_Comment_Spam page in the Codex.

well… I have comments turned off. No one should be able to post a commment to the ‘waiting for moderation queue’. Unless I’m misunderstanding how wp works.

I wasn’t getting any comments of any type before 2.1.2

From other posts I’ve read iin here those two, Akismet and Spam Karma 2 change the moderation abilities of a blog. Such thatr spam can still get to my blog, if those 2 plugins let them through.

So far, the spammer cannot get their comment seen, as I have to okay it first.

I’m confused then. How are they able to post a spam comment to the moderation queue, with comments off ?

Since I don’t allow comments, couldn’t I just delete the comment php pages so it never get anywhere into my blog ?

thanks,

first sentence of handysolo’s response tells you where the spam is coming from: trackbacks. if you want trackbacks disabled, remove wp-trackbacks.php.

And/ or block teh IP address that you say that you have:

https://www.clockwatchers.com/htaccess_block.html

I have comments turned off. No one should be able to post a commment to the ‘waiting for moderation queue’. Unless I’m misunderstanding how wp works.

Re-read my post. Focus on “Trackback Spam”. Trackbacks are defined here or here.

I’m curious – do you think we’d suggest solutions that would make your spam problem worse? If so, why?

Why would I think that ? I don’t.

I did a search before my original post. I found several posts in these suppport forums that stated those 2 plugins altered the moderation of wp.

There we go, all wp-trackback.php deleted. I have 3 blogs.

And I added the deny thing to my .htaccess file.

Thanks,

trackback != comment

You manage them in the same place, but they are handled differently. Please see the links I gave defining trackbacks.

Note that you can turn off trackbacks/pingbacks per post. You can turn them off for all future posts. In fact, you can turn them off en masse for all past posts with a bit of SQl (that a search here will turn up).

I thought I had pings and trackbacks turned off.

I just checked and it looks like I do, unless I stupidly missed where its done. I could have.

Options -> Discussions, unchecking “Allow link notifications from other Weblogs (pingbacks and trackbacks.)” well set you up for all posts you create from that point.

It will not “retro” apply to the older/existing posts.

it is has always been off.

I double-checked, and its still off.

I see, on my Dashboard, TechGnome’s World in 2005 and Thechnorati link to my site via tthe TechGnome’s pages.

Hmmm. TechGnome’s links, on my Dashboard, now show a 404.

edit:

very tired from moving my parents and their belongings for 3 days. One of those ‘do it yourself’ moves.

So my ability to communicate is kinda flaky.

If the trackbacks and linkbacks were never enabled, I’m confused on how they could be doing it now, unless it is a security issue of some sort.

I know virtuallly nothing about php.

But I can, mostly, understand instructions.

I see, on my Dashboard, TechGnome’s World in 2005 and Thechnorati link to my site via tthe TechGnome’s pages.

That’s just technorati showing you who has linked to you. That’s not an attack or security vector (nor a trackback).

okay.

I tried a few things, if nothing happens for the next day or so, then it worked.

No more comments have shown up in my comment moderation queue so far on Tuesday. Around 11 AM Eastern US.

I have that IP address blocked in my .htaccess file on alll of my blogs.

Unless another one shows up, I’ll consider this resolved.