Hey Midriffhelp Now Guides you How to Protect your WordPress Website from Comment Based Hacking.
Well this is something which not many people are knowing about.
Malicious COMMENTS attack: you should be knowing that whatever comments users make in our website gets saved in the database, from where it can be operated via a simple mySql query. So what the hackers and spammers do is, they post comments in your website which look really really real, like:
” Hey nice website I have now bookmarked your website, you really write awesome, I will be waiting for more articles”
or
“I havent seen such a nicely written blog, great man, keep it up”
or something or otherthing like that, and whenever u approve the comment, it starts its operation.
which can cause some of the following issues:
- internal errors
- automatic plugins remove
- sitemap disapperas
- posts or categories diappears
- you cannot login your admin
etc etc.
How to protect?
well there are few precautions which u can take and you need not to worry about this thing:
- comments should be approved disable the auto approval function
- users should be registered to comment, this u can find in general settings
- install captcha plugin by bestwebsoft.com its name is just “CAPTCHA”
- never make someone an author, or admin of ur website.
- never approve untrusted users
this thing might help you..