2. Well this is something which not many people are knowing about.
Malicious COMMENTS attack: you should be knowing that whatever
comments users make in our website gets saved in the database,
from where it can be operated via a simple mySql query. So what the
hackers and spammers do is, they post comments in your website
which look really really real, like:
” Hey nice website I have now bookmarked your website, you really
write awesome, I will be waiting for more articles”
or
“I havent seen such a nicely written blog, great man, keep it up”
or something or otherthing like that, and whenever u approve the
comment, it starts its operation.
which can cause some of the following issues:
internal errors
automatic plugins remove
sitemap disapperas
posts or categories diappears
you cannot login your admin
etc etc.
3. How to protect?
well there are few precautions which u can take and you
need not to worry about this thing:
comments should be approved disable the auto approval
function
users should be registered to comment, this u can find in
general settings
install captcha plugin by bestwebsoft.com its name is just
“CAPTCHA”
never make someone an author, or admin of ur website.
never approve untrusted users
this thing might help you..