Is your blog being attacked by comment spammers? If you are running a WordPress blog, that is quite normal. You will get more spams if your blog is popular. There are a lot of ways out there to stop these comments spammers such as installing Akismet and Spam Karma plugins. But seriously, does these plugins really work? Some people might say yes but I don’t think so. What these plugins really do is filtering the spam comments from appearing in your comments. Read my words, “filtering” not “preventing”. In order to prevent your blog from being attacked by these bot spammers, you need to do something.
I found some ways from the Internet actually. The famous ones is changing the name of your wp-comments-post.php. Why?
How Comments Work:
Lets start with how comments work in WordPress. Inside you themeâ€™s folder, there are 2 files, comments.php, and comments-popup.php (your theme probably only uses one of them). Those are the forms that a visitor to your site fills out when leaving a comment. But, they donâ€™t handle the actual posting of the comment. They pass the data to a core wordpress file called wp-comments-post.php, which in turn processes the comment and writes it to the database.
So what do you need to do now? Just change the name of the wp-comments-post.php file to any name like go-to-hell-spammers.php. Then open up either comments.php, or comments-popup.php (whichever file your theme uses), and replace the reference to wp-comments-post.php, with the new name of that file. As simple as that. Since you changed the file name, you should upload a new wp-comments-post.php file so that the spambots would not encounter a 404error/page. You can leave it blank or do something like this.
This solution does not stop spam bots from commenting on your blog. It depends on how the bots attacked your site. Some bots might just locate the wp-comments-post.php and hit the file directly. Some “smart” bots might figured out that you had changed the name of that file and search for your new comment file and hit it. There are other solutions besides this one. Shoemoney had written these solutions quite some time ago and they do work. You should read it. Other than that, you should install this Challenge WordPress Plugins so that commenters will need to reply to your questions before able to submit their comments. That’s something bots can’t do comparing to us, humans 😛 .
So what’s next? Just pray to god and hope that these spam bots will be gone forever~