How I stopped a massive WordPress spam attack with 4,700 lines of code in two days - thanks to Codex and Claude
Follow ZDNET: Add us as a preferred source on Google.
ZDNET's key takeaways
- Spammers found ways in and flooded my database.
- Claude and Codex became my emergency coding team.
- The 4,700-line fix added stronger defenses and cleanup tools.
About a month ago, my main website was on the receiving end of a new attack. Spammers were using the username field as a message carrier, stuffing it with a fake domain and crypto bait such as "check balance," "withdraw funds," "BTC transfer" and "action required." WordPress then helpfully forwarded that payload to me in thousands of "new user registration" emails.
Also: Apple rushed to squash 29 bugs because AI is supercharging hackers - update ASAP
At that time, my server was using a commercially purchased security product that was supposed to protect my WordPress website from registration spam. That product clearly wasn't up to the task.
I'm the developer of a...
Copyright of this story solely belongs to zdnet.com. To see the full text click HERE