Title: Receiving weird comments (maybe sql injection)
Last modified: October 30, 2022

---

# Receiving weird comments (maybe sql injection)

 *  Resolved [9puzzle](https://wordpress.org/support/users/ashujun/)
 * (@ashujun)
 * [3 years, 7 months ago](https://wordpress.org/support/topic/receiving-weird-comments-maybe-sql-injection/)
 * I have been receiving these comments for the last month: `/**/UNION/**/ALL/**/SELECT/**/79,79,79,79,79,79,CONCAT(CONCAT(‘qvpqq’,’mMhEZneMUd’),’qpjqq’)–/**/lEfC`
   Can someone help me with this?

Viewing 4 replies - 1 through 4 (of 4 total)

 *  [NewsArena](https://wordpress.org/support/users/newsarena/)
 * (@newsarena)
 * [3 years, 7 months ago](https://wordpress.org/support/topic/receiving-weird-comments-maybe-sql-injection/#post-16146718)
 * Hi,
    Yes, it’s a kind of SQL injection attack. You can defend your site against
   this kind of attack with a firewall. The easiest way is to install a defence
   plugin like [BBQ Firewall](https://wordpress.org/plugins/block-bad-queries/).
   It’s a lightweight but efficient firewall against bad requests.
 *  Thread Starter [9puzzle](https://wordpress.org/support/users/ashujun/)
 * (@ashujun)
 * [3 years, 7 months ago](https://wordpress.org/support/topic/receiving-weird-comments-maybe-sql-injection/#post-16146734)
 * Thank you [@newsarena](https://wordpress.org/support/users/newsarena/), I thought
   Wordfence can block such requests.
    I am installing **BBQ Firewall** right away.
 *  [NewsArena](https://wordpress.org/support/users/newsarena/)
 * (@newsarena)
 * [3 years, 7 months ago](https://wordpress.org/support/topic/receiving-weird-comments-maybe-sql-injection/#post-16146773)
 * I see that these comments come from the same IP address. You can block it via
   comment options in WP Admin Dashboard – Options – Comments – Comment Blocklist.
   
   And of course you can use Wordfence to block this IP. You can search for it in the Live
   Traffic logs and then block it. Keep in mind that after you block the IP in Live Traffic,
   you then have to go to the Blocking section in Wordfence and mark it for a permanent block.
    -  This reply was modified 3 years, 7 months ago by [NewsArena](https://wordpress.org/support/users/newsarena/).
 *  Plugin Support [wfpeter](https://wordpress.org/support/users/wfpeter/)
 * (@wfpeter)
 * [3 years, 7 months ago](https://wordpress.org/support/topic/receiving-weird-comments-maybe-sql-injection/#post-16150185)
 * Hi [@ashujun](https://wordpress.org/support/users/ashujun/), thanks for contacting
   us.
 * You could also try disabling XML-RPC which might be allowing comments through
   that are posted to your site. The comments themselves do look like SQL injection
   attempts, which may at some point have worked with certain vulnerable plugins/
   WP versions but are clearly just being treated as plain text in this case (as
   they should.)
 * “**Disable XML-RPC authentication**” appears in **Wordfence > Login Security
   > Settings**. You can also block this route entirely using **.htaccess**, provided
   you don’t use the WordPress app or a plugin that requires it such as Jetpack:
 *     ```
       # Block WordPress xmlrpc.php requests
       <Files xmlrpc.php>
       order deny,allow
       deny from all
       </Files>
       ```
   
 * Thanks,
 * Peter.


The topic ‘Receiving weird comments (maybe sql injection)’ is closed to new replies.
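
A triage sketch for the comment queue, added here as an example and not code from the thread participants, Wordfence or BBQ Firewall: it strips the `/**/` padding seen in the quoted comment, flags bodies that show at least two probe signals, and counts flagged comments per source IP. The comment records, field names and IP addresses (documentation ranges) are constructed; the probe string is the one quoted in the thread.

```python
import re
from collections import Counter

# Inline SQL comments (/**/) stand in for spaces to slip past naive keyword filters.
INLINE_COMMENT = re.compile(r"/\*.*?\*/", re.S)
UNION_SELECT = re.compile(r"\bunion\s+(?:all\s+|distinct\s+)?select\b", re.I)
CONCAT_CALL = re.compile(r"\bconcat\s*\(", re.I)

def normalize(text):
    """Replace inline SQL comments with a space and collapse whitespace."""
    return re.sub(r"\s+", " ", INLINE_COMMENT.sub(" ", text)).strip()

def classify(text):
    """Return the probe signals found in one comment body."""
    flat = normalize(text)
    reasons = []
    if UNION_SELECT.search(flat):
        reasons.append("union-select")
    if CONCAT_CALL.search(flat):
        reasons.append("concat-marker")   # CONCAT() wrapping marker strings
    if text.count("/*") >= 3:
        reasons.append("comment-padding")  # repeated /**/ used as whitespace
    return reasons

def triage(comments, min_signals=2):
    """Flag comments with >= min_signals reasons; count flagged comments per IP."""
    flagged = []
    for c in comments:
        reasons = classify(c["body"])
        if len(reasons) >= min_signals:
            flagged.append((c["id"], c["ip"], reasons))
    return flagged, Counter(ip for _, ip, _ in flagged)

# Probe string as quoted in the thread (typographic quotes as rendered there).
PROBE = ("/**/UNION/**/ALL/**/SELECT/**/79,79,79,79,79,79,"
         "CONCAT(CONCAT(‘qvpqq’,’mMhEZneMUd’),’qpjqq’)–/**/lEfC")

# Constructed sample records; a real run would read them from the comments table.
SAMPLE_COMMENTS = [
    {"id": 1, "ip": "203.0.113.7", "body": PROBE},
    {"id": 2, "ip": "198.51.100.20",
     "body": "Great post, I joined the student union and had to select a course."},
    {"id": 3, "ip": "198.51.100.31", "body": "How do I write UNION ALL SELECT in MySQL?"},
    {"id": 4, "ip": "203.0.113.7", "body": "nice " + PROBE},
]

if __name__ == "__main__":
    flagged, by_ip = triage(SAMPLE_COMMENTS)
    for cid, ip, reasons in flagged:
        print(cid, ip, ",".join(reasons))
    print("per IP:", dict(by_ip))
```

Requiring two signals keeps a reader's genuine question about `UNION ALL SELECT` (comment 3) out of the flagged set, and the per-IP count gives the address to check against the Comment Blocklist or Wordfence Live Traffic.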


 * 4 replies
 * 3 participants
 * Last reply from: [wfpeter](https://wordpress.org/support/users/wfpeter/)
 * Last activity: [3 years, 7 months ago](https://wordpress.org/support/topic/receiving-weird-comments-maybe-sql-injection/#post-16150185)
 * Status: resolved