Written by me@grafxflow
12 Jan, 2014
0
2,729
As all WordPress administrators know the constant issue with new spam and having to block spam comments can become irritating on a daily basis. Most plugins you find will actually just add a captcha code (random generated code) to the comment form or other similar options. But the real issue is that automated spam usually bypass this altogether and goto the following file on the server - 'wp-comments-post.php'. As long as a post has the option to leave comments then that's all they need.
Now the following is not guaranteed to block spam full-stop. That will never happen but it should make a big difference.
In the home directory of the server there is a '.htaccess' file, simply add this bit of code making sure to change the domain name with your own - where is says your-domain.com below. Remember that I put ADD not REPLACE. Plus I will add that you must be careful when editing this file since it can affect your website and server.
# Stop spam comments
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{REQUEST_METHOD} POST
RewriteCond %{REQUEST_URI} .wp-comments-post\.php*
RewriteCond %{HTTP_REFERER} !.*your-domain.com.* [OR]
RewriteCond %{HTTP_USER_AGENT} ^$
RewriteRule (.*) http://%{REMOTE_ADDR}/$ [R=301,L]
</IfModule>
So what is this doing... well from my understanding it is checking that all calls to the 'wp-comments-post.php' file are actually from pages on your own website, not remotely via automated spam robots.
30 Apr, 2017
05 Sep, 2012
03 Sep, 2013
I am a Full-stack Developer who also started delving into the world of UX/UI Design a few years back. I blog and tweet to hopefully share a little bit of knowledge that can help others around the web. Thanks for stopping by!
Follow11 Jul, 2023
21 Jun, 2023
Views: 166,586
Views: 40,466
Views: 37,234
Views: 33,736