There is definitely a performance advantage in keeping your comment spam to a minimum. If you have a lot of comments, the query time can get pretty out of control. To make it easier, you should install Akismet if you haven’t already. Akismet will automatically detect spam comments and move them to WordPress spam section. … Read more
Bad Behavior does two things: It checks the HTTP request and sees if it is as per the standard or not. Usually spammers don’t write their scripts so well as to be fully compliant with the HTTP standard. Bad Behavior can make out poorly scripted HTTP requests from properly scripted ones (which would be sent … Read more
Okay, I’ve (probably) done just enough reading since asking this question, and apparently this combo of anti-spam plugins, works to a very appreciable extent in mitigating spam: Akismet + Cookies for Comments + Impostercide Knowledgeable people agree: Alex aka Viper007Bond uses Akismet and Cookies for Comments on his own blog, alongside having Trackbacks disabled. (Source) … Read more
This code should make it impossible to add a new user, as long as it is being added with wp_insert_user(). add_filter( ‘pre_user_login’, ‘__return_false’ ); That filter is applied to the user’s login name before it is saved. If the result is empty, the user isn’t added. This will make it so the login will always … Read more
The incoming links widget is asking Google for links to the domain you’re on right now. If your domain is localhost you get a lot of links – because that’s a very common domain name. Unfortunately, some people don’t clean up their data when they move from localhost to the world wide web, and then … Read more
You don’t need a form to submit a comment to the wp-comments-post.php file, or to send a pingback or trackback. Spammers don’t use forms, they simply send their spam directly. Removing the form doesn’t “turn off” comments. To do that, go to the Posts screen, and use the Quick Edit to actually disable comments and … Read more
Just install a good anti-spam plugin. They will monitors site’s comments for spam and automatically blocks spam comments. BTW WordPress come with Akismet which is a spam protection plugin installed by default. To enable the plugin, go to the Plugins and activate the Plugin. Akismet Anti-Spam
This ought to do it: function wpse15750_comment_check( $id ){ if( get_post_type( $id ) == ‘attachment’ ) exit; } add_action( ‘pre_comment_on_post’, ‘wpse15750_comment_check’ ); EDIT Ignore the above. That will stop new comments, but to do what you want, this is much better: function wpse15750_comments_closed( $open, $id ){ if( get_post_type( $id ) == ‘attachment’ ) return false; … Read more
If you are using a twentyten/eleven theme, they hardcode the pingback meta tag into the head.php file. Remove that line or use your own theme. Also, and maybe it’s only in multisite, but the X-Pingback header is sent along with the xmlrpc endpoint url as well. Removed with the following: /** * Remove the X-Pingback … Read more
It is a fact of life that you will have to deal with some spam on any site. There are other ways of combating spam: such as a Q&A Captcha (the site asks the user a question such as “What is the name of the site?” and the user has to answer it correctly: very … Read more