Tweak your WP Theme to a Spam Free Blog

Tweak your WP Theme to a Spam Free Blog

This trick has been discussed in the WordPress Codex and the Support forums but I’d like to echo it here again for those who haven’t had the chance to learn about it and still suffering from comment, track-back and referral spam.

If you’re using the WP ShortStats plugin, you’d have noticed by now that you’re getting referrals from sites that targets your wp-comments-post.php which shouldn’t be the case because they’re internal WordPress files. This is an indication that your blog is being targetted for referral spam or trackback spam.

One of the earlier fixes I added in my .htaccess was a rewrite rule to supposedly block the referral spam:

RewriteCond %{HTTP_REFERER} “!^*$” [NC]
RewriteCond %{REQUEST_URI} “.*wp-comments-post.php$”
RewriteRule .* – [F]


That seemed to help stop it by about 90% or so which is quite effective IMO. Still there’s the trackback spam to consider, so here’s one tip you can implement in your WP theme:

1) Find the file wp-comments-post.php and rename it to something else (e.g. i-get-no-spam.php). This file can be found in your root WP folder.

2) Next, look for the file comments.php in your active WP theme folder and edit instances of the term “wp-comments-post.php” to match that of what you renamed it to.

If you’re running some other comments related plugin, like Paged Comments, there might be some slight changes in the steps but that’s the general idea.

That’s it. Now them spam bots that have bookmarked your wp comment form would get a 404 error next time.

Abe is the founder and Editor-in-Chief of YugaTech. You Can follow him on Twitter @abeolandres.

You may also like...

13 Responses

  1. kutitots says:

    you might need to rename the “comments.php” within the code of the template file too because it’s part of the conditional statement. It’s actually on secode line of the code in comments.php (when you open it up in Notepad).

  2. AnP says:

    heaven sent tip! thanks!

  3. wordpress comes with security fixes and are updated every time a new issue arises. even so, every now and then problems do came up.., this discourages me to came up with my own version of php-mysql powered blog.. I am poor when it comes to security consideration — I don’t even know how spammers could destroy my site =(

  4. jhay says:

    I’d like to implement this fix, but I’m afraid I might end up messing up my WP installation, hehehe

    Will probably do it on a test blog first. Great how-to by the way.

  5. Mita says:

    great timing…been having problems with that lately. salamat!

  6. SELaplana says:

    my blog is actually not using the Akismet Technology to avoid such spam comments. However, I successfully avoid these things by installing the Mathematics comment plugin, which is not capable of controlling spam pings for trackbacks.

    Thanks for echoing this topic. this hack willl really help.

  7. 7KoiL8U5k4 says:

    Hi! Very nice site! Thanks you very much! mwLJFRdz2PKhXF

  8. JackyMool says:

    Who can help me with .httpaccess ?
    where i can fined full information about .httpaccess file syntaxis?

  9. I always spent my half an hour to read this weblog’s content all the time along with a mug of coffee.

Leave a Reply

Your email address will not be published. Required fields are marked *