Tag Archives: wordpress

Reduce WordPress spam without a plugin


Anyone who has ever published or managed a WordPress site knows the pain caused by those nasty SPAM bots, you’re installed some slick plugins, signed up for Akismet and even tried using a CDN service to stop those pesky bots, but they still find their way in.

Can they really be that smart? Maybe, but more likely they are using their knowledge of the WordPress core to directly target the wp-comments-post.php page directly, and passing their (sometimes entertaining) SPAM comments to your site. A simple way to remedy this is to make a slight adjustment to your .htaccess file, sorry IIS folks but this does not apply to you, though there is likely a way to port this over to your httpd.ini file.

First things first – BACK UP YOUR .HTACCESS file, a slight mistake will likely take down your site, so better have a quick backup to revert to.

Next, simply add the following lines to the document:

<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{REQUEST_METHOD} POST
RewriteCond %{REQUEST_URI} .wp-comments-post\.php*
RewriteCond %{HTTP_REFERER} !.*mywebsiteurlhere.* [OR]
RewriteCond %{HTTP_USER_AGENT} ^$
RewriteRule (.*) ^http://%{REMOTE_ADDR}/$ [R=301,L]
</IfModule>

Oh and don’t forget to change “mywebsiteurlhere” to your domain name, otherwise your site might implode.

There is no sure fire way to stop SPAM on your site, but every bit helps and the fewer comments you have to moderate to more time you have to write for your blog.

The guys over at allguru.net have some more tips on how you can secure your WP install with .htaccess, well worth the read.