Tweak your WP Theme to a Spam Free Blog

This trick has been discussed in the WordPress Codex and the Support forums but I’d like to echo it here again for those who haven’t had the chance to learn about it and still suffering from comment, track-back and referral spam.

If you’re using the WP ShortStats plugin, you’d have noticed by now that you’re getting referrals from sites that targets your wp-comments-post.php which shouldn’t be the case because they’re internal WordPress files. This is an indication that your blog is being targetted for referral spam or trackback spam.

One of the earlier fixes I added in my .htaccess was a rewrite rule to supposedly block the referral spam:

RewriteCond %{HTTP_REFERER} “!^http://www.yugatech.com/blog/.*$” [NC]
RewriteCond %{REQUEST_URI} “.*wp-comments-post.php$”
RewriteRule .* – [F]

That seemed to help stop it by about 90% or so which is quite effective IMO. Still there’s the trackback spam to consider, so here’s one tip you can implement in your WP theme:

1) Find the file wp-comments-post.php and rename it to something else (e.g. i-get-no-spam.php). This file can be found in your root WP folder.

2) Next, look for the file comments.php in your active WP theme folder and edit instances of the term “wp-comments-post.php” to match that of what you renamed it to.

If you’re running some other comments related plugin, like Paged Comments, there might be some slight changes in the steps but that’s the general idea.

That’s it. Now them spam bots that have bookmarked your wp comment form would get a 404 error next time.

React to this article:

10 Comments

project management · 13 years ago

I always spent my half an hour to read this weblog’s content all the time along with a mug of coffee.

vanja · 19 years ago

Improves erectile function no side effect medicine

JackyMool · 19 years ago

Who can help me with .httpaccess ?
where i can fined full information about .httpaccess file syntaxis?

7KoiL8U5k4 · 19 years ago

Hi! Very nice site! Thanks you very much! mwLJFRdz2PKhXF

SELaplana · 20 years ago

my blog is actually not using the Akismet Technology to avoid such spam comments. However, I successfully avoid these things by installing the Mathematics comment plugin, which is not capable of controlling spam pings for trackbacks.

Thanks for echoing this topic. this hack willl really help.

Mita · 20 years ago

great timing…been having problems with that lately. salamat!

jhay · 20 years ago

I’d like to implement this fix, but I’m afraid I might end up messing up my WP installation, hehehe

Will probably do it on a test blog first. Great how-to by the way.

pinoywebdev · 20 years ago

wordpress comes with security fixes and are updated every time a new issue arises. even so, every now and then problems do came up.., this discourages me to came up with my own version of php-mysql powered blog.. I am poor when it comes to security consideration — I don’t even know how spammers could destroy my site =(

AnP · 20 years ago

heaven sent tip! thanks!

kutitots · 20 years ago

you might need to rename the “comments.php” within the code of the template file too because it’s part of the conditional statement. It’s actually on secode line of the code in comments.php (when you open it up in Notepad).