A WordPress Hack To Help Protect Your Blog From Comment Spammers

If you own a WordPress powered website you will most surely have Askimet enabled to help detect and easily manage spammers from posting comments. Askimet is a great plugin that has worked pretty successfully for me on all wordrpess sites that I own or administer. This little wordpress comment hack adds another layer of protection though by looking for the HTTP referrer (the page where the request comes from) and automatically blocks the comment if the referrer is incorrect or not defined.

Paste the code snippet below into your wordpress theme functions.php

function check_referrer() {
    if (!isset($_SERVER['HTTP_REFERER']) || $_SERVER['HTTP_REFERER'] == "") {
        wp_die( __('Please enable referrers in your browser, or, if you\'re a spammer, bugger off!') );
    }
}

add_action('check_comment_flood', 'check_referrer');

This code automatically rejects any request for comment posting coming from a browser (or, more commonly, a bot) that has no referrer in the request. Checking is done with the PHP $_SERVER[] array. If the referrer is not defined or is incorrect, the wp_die function is called and the script stops its execution.

Via: Yoast.com

Tagged: , ,

Author: Stuart | Website: http://stuartduff.com

Stuart is web designer and developer from Glasgow, Scotland with a passion for wordpress. Stuarts interests are tech, design, php and anything web development, open source or Internet related.

Post comment as twitter logo facebook logo
Sort: Newest | Oldest

Hi, are the quotation marks on the second $_SERVER['HTTP_REFERER'] check actually supposed to be “” instead of "" ? Thanks!

Thanks Justin, I updated the code snippet :)

This is a great hack, just ran across it and I'm sure I'm late but thank you!