“Users must be registered and logged in to comment”

  • I’ve read the spam FAQ and I don’t see a solution to my problem.

    I have my options set as follows:
    * Anyone can register: unchecked
    * Users must be registered and logged in to comment: checked

    There are no registered users other than myself.

    And yet, every day I get several notices about posted comments that I need to moderate. It’s always spam. How are the spammers getting around the “registered and logged in” requirement?

    At least the spam is just going into moderation and not actually being posted. But it seems to me that given how I’ve got the controls set, they shouldn’t even be able to get a comment into moderation.

Viewing 4 replies - 16 through 19 (of 19 total)

  • no, you prolly cannot hope that since as far as I understand trackbacks and pingbacks are treated as comments for the obvious reason:

    1. ppl LIKE to moderate them.

    Most “seasoned” users have no trouble distinguishing between a comment and a trackback.

    I disagree with Moshu. They are comments, not just trackbacks. They’re created with crappy automated blog commenting software, but they’re still “comments” as defined by your wordpress software. “Comment spamming” is well known, and to say otherwise is “total nonsense”.

    I’ve had great success stopping comment spam by implementing the secureimage plugin -https://uberdork.supertwist.net/download/secureimage.tar.gz

    AH! So that’s it…

    I posted another post on this forum somewhere:

    I have comments closed to unregistered users (and always have had it that way) but I just got a spam comment for moderation ??

    How can this be? What security loophole is there on my website? I cannot for the life of me, find anything about this on the internet or this forum. Has anyone experienced this before?

    But I understand it was not a comment but a trackback… I find it confusing, to say the least, to put these on one heap as comments… I must agree with bronto on this point. Whooami, I am not a ‘seasoned’ user but I find I’m not the only one wasting a whole day trying to figure this out!

    Anyway, glad that I am not crazy and found the answer…

    Well, this is a very good thread here. I also don’t think this spam of comments recently observed on my blog is trackbacks at all, it rather seems like some new bot network has hacked apart wordpress to the point they can initiate these comments via some type of software. Maybe it is using a trackback of sorts to trick our sites into thinking these are trackbags but I have a trackback from my own blog to a page on my site and it looks like a trackback – not a comment.

    I’m going to check out this image recognition thingie over the weekend.

    Moshu, maybe you should read what is being asked before letting your nerves get the better of you. I thought the question was very legit and poorly handled.

Viewing 4 replies - 16 through 19 (of 19 total)
  • The topic ‘“Users must be registered and logged in to comment”’ is closed to new replies.