Stop wordpress spam bot comment using htaccess

Dollarfry was attacked by comment spammers recently. I didnt place any captcha for the comments so that robots where trying to bombard Dollarfry with tons of comments.

And if you thought it doesnt matter as you can easily clear the spam folder then possibly you are mistaken. The harmul effects of such spam commentings are,

1. Increased server load.

At a time tons of automated bots are requesting to your server (to  wp-comments-post.php) which will considerably increase the load on your server. This not only increases the loading time of your website , but also on the other websites hosted on the server.

2. Link Spam

After the panda and penguin updates Google has penalized all those websites who did build bad neighborhood links.  After posting the comment, these bots would submit the comment url (say in the case of WordPress ) to poor quality spam websites (on which they can spam ) porn or not monitored forms. This will seriously affect your serps.

What are the possible spam control solutions (2 methods)?

1. Enable a captcha on the comment form

Enabling a captcha will save your website from spam bots. Bots cannot break the captcha.

2.  Blocking spam bots through htaccess

# Block spam bots WordPress

  RewriteEngine On
  RewriteCond %{REQUEST_URI} .wp-comments-post\.php*
  RewriteCond %{HTTP_REFERER} !* [OR]
  RewriteCond %{HTTP_USER_AGENT} ^$
  RewriteRule (.*) ^http://%{REMOTE_ADDR}/$ [R=301,L]

Code Explained

If a request to wp-comments-post.php happens, the system will check for the HTTP_REFERER ( The address of the page that referred  the user to wp-comments-post.php). In WordPress the wp-comments-post.php is not accessed directly, it can only be accessed from the posts page or in short the  HTTP_REFERER  should be the website itself. HTACCESS also check for the HTTP_USER_AGENT, and if it doesn’t have one, possibly it would be a  bot and it will not be allowed to comment(the system will redirect the bot to the referred page).

About the author

Linjo Joson

Linjo is a PHP developer who loves to write about online businesses and marketing ideas

1 comment

  • This is ok but you can use google captcha and click the comment form check mark box and boom is good vs bots and spammers check out my site too I am a webmaster