Deny wordpress comment posting to no referrer requests

December 3, 2008 · Print This Article

If you’re a WordPress user, then you’re probably upset with the amount of daily spam comments.

Sure, there’s akismet, but here’s a little .htaccess trick to prevent spammers posting on your wordpress blog.

Simple paste the following code on your .htaccess file, located at the root of your WordPress install. Don’t forget to specify your blog url on line 4.

Remember to ALWAYS create a backup when editing the .htaccess file.

RewriteEngine On
RewriteCond %{REQUEST_METHOD} POST
RewriteCond %{REQUEST_URI} .wp-comments-post\.php*
RewriteCond %{HTTP_REFERER} !.*yourblog.com.* [OR]
RewriteCond %{HTTP_USER_AGENT} ^$
RewriteRule (.*) ^http://%{REMOTE_ADDR}/$ [R=301,L]

The above code looks for the referer (The url from where the page has been called) when the wp-comments-post.php file is accessed. If a referer exists, and if it is your blog url, the comment is allowed. Otherwise, the sapm bot is redirected and the comment will not be posted.


Your choice for site templates and wordpress themes

Comments

Got something to say?

You must be logged in to post a comment.