In this post i will explain the how to Stop wordpress spam bot comment using htaccess. While denying access to comment spammers may be seen as drastic action, there are ways to prevent access to spammers while still allowing comments to be posted.

Stop wordpress spam bot comment using htaccess

Deny WordPress Comment Spam with a Nonce

To enable the nonce field within your WordPress comment form add the following code snippet to your functions.php file, within your WordPress theme folder, to enable the nonce field support for your comment form.

Deny Access to No Referrer Requests

This is the one that fixed my spam problem on my site in dramatic fashion. Before I instituted this fix in my .htaccess file my site was going down a couple of times every day because of the major loads spam-bots were putting on my server. Since the fix was made it rarely ever has problems anymore because of spam-bots.

What this fix does is to find illegitimate comments by determining if a comment has gone through a certain .php page. When your readers comment for example, the wp-comments-post.php file is accessed, processes the text, and creates the comment. The user’s browser will send a “referral” line about this.

When a spam-bot comes in, it hits the file directly and usually does not leave a referrer. This means that we can detect those no-referrer posts and block them using the .htaccess file. If you’re not familiar with .htaccess files or Apache directives, you may want to get some help on this. Add this to your .htaccess file.

Blocking spam bots through htaccess