It’s possible that a bot directly accessed the wp-comments-post.php file, which is a common tactic amongst spammers. Go to Settings/Discussion in your admin panel and ucheck “Allow people to post comments on new articles” and “Allow link notifications from other blogs (pingbacks and trackbacks.)”
You may also need to edit each existing page and post and uncheck “Allow comments.” and “Allow trackbacks and pingbacks on this page.” under the “Discussion” section.
Thank you MacMan. I will change those settings. It’s good to know the enemies tactics. I can better prepare for them.
BTW I also changed the attributes of “wp-comments-post.php” to read only. That should add a little more protection. I don’t think will cause any problems, seeings how we aren’t using it, but will keep you posted if it does. Hope this helps someone.
(@johnw1116)
15 years, 11 months ago
We are currently using wordpress as an information tool, with no form for making comments. Somehow, someone was able to post 2 comments, that were luckily held for approval. I have since unchecked allow comments for our posts, but would like to know how this was possible. I want to be sure I have stopped this from happening again, and to do that I have to first understand how they did it.