[wp-hackers] Best way to 'enhance' wp-comments-post.php

Jason Salaz jason at zenenet.com
Fri May 26 12:03:25 GMT 2006


On 5/25/06, Roy Schestowitz <r at schestowitz.com> wrote:
> ___/ On Thu 25 May 2006 22:34:41 BST, [ Brian Layman ] wrote : \___
> > My wife's blog has blocked 40,000 spams, which I suspect is probably pretty
> > low compared to most of you.  If I take out my .htaccess blocking stuff,
> > that spam rate ramps up very quickly. I suspect a majority of these spams
> > were poker related and given the number of WP blogs out there, that must add
> > up.
> Seems  like  the  .htaccess method, which I first read about in  Dvorak  <
> http://www.dvorak.org/blog/?p=2904  >,  is still rather  successful.  Once
> popularised,  however,  it can be fooled (just like my CAPTCHA  which  got
> hacked, allowing a flow of 200+ spam in the past 24 hours alone).

This kinda stuff can be really bad, because certain "security"
software thinks that a good feature is NEVER sending referers to
I would be willing to wager that those same people think that
Wordpress sucks and "is broken".
Methinks the breakage exists a little closer in proximity to the user :P.

More information about the wp-hackers mailing list