Use .htaccess to Fight Spam on your WordPress Site

Comment spam is an absolute pain – both to deal with and to fight. Here’s a very nifty .htaccess snippet to combat spam on your self hosted WordPress site.

You’ll need to FTP into your site and access your site’s .htaccess file. It’ll be found in your domain’s root – the .htaccess file may be hidden, so make sure that hidden files are visible. Paste the following snippet in there and replace “yourdomain.com” with your site’s url. Just be careful, messing up your .htaccess file can break your entire WordPress site.

<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{REQUEST_METHOD} POST
RewriteCond %{REQUEST_URI} .wp-comments-post\.php*
RewriteCond %{HTTP_REFERER} !.*yourdomainname.com* [OR]
RewriteCond %{HTTP_USER_AGENT} ^$
RewriteRule (.*) ^http://%{REMOTE_ADDR}/$ [R=301,L]
</IfModule>

What this .htaccess snippet does is prevent access directly to your WordPress install’s wp-comments-post.php file, which is a common way for spam bots to quickly load up your WordPress site with spam comments.

And viola, your WordPress site will now have less spam.

Follow wpLifeGuard

« Back to Blog