Block WordPress spam comment with .htaccess


If you have self hosted WordPress and always got lots of spam comments and getting frustrated by trashing them each day, you may actually block or reduce them through your .htaccess Apache configuration file.

Most spammer attack your comment box not through the blog post but they actually access through your wp-comments-post.php file. Here is how you can stop them from attacking your blog with spam and at the same time stopping the unnecessary server load.

You can find the .htaccess file  in your root of WordPress installation folder have a basic setting written and there’s no existing security configuration on it.

Just add the rules as below.

# Protect from spam comments
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{REQUEST_METHOD} POST
RewriteCond %{REQUEST_URI} .wp-comments-post.php*
RewriteCond %{HTTP_REFERER} !.*xyz.* [OR]
RewriteCond %{HTTP_USER_AGENT} ^$
RewriteRule (.*) ^http://%{REMOTE_ADDR}/$ [R=301,L]
</IfModule>

.xyz is referring to your blog root or best put your domain name by the way.

Make sure you have make a backup of your original .htaccess rules before apply the spam blocking rules to prevent unnecessary mess ups.

Similar Posts