I’ve recently been plagued by comment spammers again. Thing is, I’ve set things so that people need accounts here to place comments. Then, once the comment is posted, I have to approve it, delete it, or mark it spam. I’m not too worried at this point, b/c any spam that makes it through still needs approval… at which point I just mark it spam. They won’t show up, in other words, defeating the purpose of the spammers. However, I don’t get how they get through when they need an account. I’m under no illusion that WordPress is perfect, or immune to clever attacks, but still… that seems a simple thing to block.
With a little help from the WordPress documentation, I’ve placed this in my configs… we’ll see how it works.
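RewriteEngine On
# Applies only to POST requests to the comment handler
RewriteCond %{REQUEST_METHOD} POST
RewriteCond %{REQUEST_URI} wp-comments-post\.php
# [OR] joins only these two: Referer from another site, or empty User-Agent
RewriteCond %{HTTP_REFERER} !yourdomain\.com [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^$
# Redirect the request back to the client's own address
RewriteRule .* http://%{REMOTE_ADDR}/ [R=301,L]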
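An added example, not part of the original post or the WordPress documentation: a small Python model of how mod_rewrite evaluates the condition chain above, run over constructed requests to show which ones the rule redirects. The function names and sample requests are assumptions; yourdomain.com is the placeholder from the rules.

```python
import re

# Patterns follow the rules above, with literal dots escaped.
# "yourdomain.com" is the placeholder used in the rules.
METHOD_RE = re.compile(r"POST")
URI_RE = re.compile(r"wp-comments-post\.php")
REFERER_RE = re.compile(r"yourdomain\.com", re.IGNORECASE)
EMPTY_RE = re.compile(r"^$")


def is_redirected(method, uri, referer="", user_agent=""):
    """Return True when the RewriteRule would fire for this request.

    An absent header expands to an empty string in mod_rewrite, which is
    why the defaults here are "".
    """
    # Conditions are ANDed by default; [OR] binds the two conditions it
    # joins first, so the chain reads:
    #   POST AND comment-handler AND (foreign referer OR empty user agent)
    if not METHOD_RE.search(method):
        return False
    if not URI_RE.search(uri):
        return False
    foreign_referer = REFERER_RE.search(referer) is None
    empty_agent = EMPTY_RE.search(user_agent) is not None
    return foreign_referer or empty_agent


# Constructed sample requests: (label, method, uri, referer, user_agent)
SAMPLES = [
    ("normal comment", "POST", "/wp-comments-post.php",
     "http://yourdomain.com/some-post/", "Mozilla/5.0"),
    ("referer stripped by a privacy tool", "POST", "/wp-comments-post.php",
     "", "Mozilla/5.0"),
    ("own referer, no user agent", "POST", "/wp-comments-post.php",
     "http://yourdomain.com/some-post/", ""),
    ("off-site form post", "POST", "/wp-comments-post.php",
     "http://other.example/form", "bot/1.0"),
    ("GET to the handler", "GET", "/wp-comments-post.php", "", ""),
    ("POST to another script", "POST", "/wp-login.php", "", ""),
]


def classify(samples=SAMPLES):
    """Map each sample label to True (redirected) or False (passed through)."""
    return {label: is_redirected(m, u, r, ua) for label, m, u, r, ua in samples}


if __name__ == "__main__":
    for label, blocked in classify().items():
        print(f"{'REDIRECT' if blocked else 'pass':8}  {label}")
```

Both headers are supplied by the client, so the rule filters crude bots rather than authenticating commenters, and it also redirects real visitors whose browser omits the Referer.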