Redirecting Spammers (comments and pings)

  • apmeyer

    (@apmeyer)


    10 years ago

    When setting up WP as a CMS with no need for comments/trackbacks, is there any reason not to simply add the following to .htaccess to stop spammers:

    Redirect 301 /wp-comments-post.php http://www.google.com
    Redirect 301 /wp-trackback.php http://www.google.com

    I’ve found various solutions to fighting spam like plugins and including other .htaccess scripts for validating the referrer (and allowing comments submitted from the domain). But, ultimately, since comments are not a part of this particular site, such a check seems unnecessary and I’d prefer to avoid non essential plugins (if I can block spam through simpler methods).

    Thanks.

Viewing 4 replies - 1 through 4 (of 4 total)
  • Thread Starter apmeyer

    (@apmeyer)

    10 years ago

    Also, even with these redirects in place, spam pings find their way through. What other files allow direct access to processing automated comments and trackbacks?

    Thread Starter apmeyer

    (@apmeyer)

    10 years ago

    Running a bit of SQL against the database to disable ping_status on old content seems to have stopped the ones that were finding their way through – I had already done that for for comment_status.

    Evan Herman

    (@eherman24)

    10 years ago

    You can ping a page or post without actually writing a comment on it.

    Simply backlink to that post or page, and you’ll receive a ping notifcation. You can just disable pings altogether through the settings tho.

    Haven’t ever considered adding a 301 redirect on wp-comments.php, probably not a bad idea.

    Thread Starter apmeyer

    (@apmeyer)

    10 years ago

    Right. The big thing I’m looking for is a global solution to permanently disabling comments and pings since the site has no need for comments. The above solution seems to be working:

    1. Redirect /wp-comments-post.php and wp-trackback.php (preferably to some other domain, assuming it could throw off analytics if it redirects to the homepage) via the .htaccess file

    2. Use a little SQL to update disable comments and trackbacks on existing site content (rather than manually going through all content)

    3. Disable comments and pings for future content in “discussion” settings

    Disabling comments shouldn’t be necessary if the redirect in step 1 is in place, but just doing it to be safe.

    I don’t see a downside to this approach for my particular situation, but I might be missing something.

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘Redirecting Spammers (comments and pings)’ is closed to new replies.

Tags