2015-01-07 UTC
# petermolnar GWG sidenote on why wordpress sucks: a blog of a friend of mine received 42k comment spams. I now realized that wp_nonce is not used on the frontend, just at the backend, which is especially to protect the admin remote POSTs. I have no idea why it's not included in the comment engine by default.