I realized today when I tried to add a comment to one of the Bible Studies that comments have been broken since forever. There was a setting in the All-In-One WordPress Security plugin that was blocking them silently. I apologize to anyone who may have tried to comment on a post or Bible Study, but couldn’t and didn’t get any kind of error message or even an acknowledgement that the comment was sent.
So the next day I had another spam comment from the same source as the previous ones, so I decided I needed to make the Turnstile CAPTCHA work on the comment form if I could. It took a little doing and installing yet another plugin, but it’s finally working now. We’ll see how it does at filtering out the spam. In the meantime, I ran into an issue with the CAPTCHA on my security plugin, so I wrote the following support request for the security plugin that someone may find helpful:
https://wordpress.org/support/topic/turnstile-on-wordpress-comment-form/
Wow! One day after removing the CAPTCHA from the comment form and already there were four spam comments – all from the same source, and all with the same spam content. No offers of any services or any sort of meaningful insights – just generic flattery about the greatness of my posted curmudgeonliness. If this goes on, I’ll need to come up with another plan for a comment form humanity check.
Now THAT’s interesting. Even though I have WordPress set to require manual approval of comments, apparently WordPress assumes that if I make a comment while logged in as a site administrator, I would most likely approve my own comment, so WordPress passes administrator comments right on through.
And yet again, I found out today that comments were broken. This time it turned out to be an interaction between AIOWPS and Cloudflare Turnstile. I’m using the “invisible” option with Turnstile. Apparently, AIOWPS doesn’t like that on the comment form. So for now I’ve turned off the CAPTCHA on comments. If I start getting a lot of comment spam, I’ll revisit the issue.