Title: Potential harm in comments? Last modified: August 31, 2016 --- # Potential harm in comments? * [Gibbon355](https://wordpress.org/support/users/gibbon355/) * (@gibbon355) * [10 years, 2 months ago](https://wordpress.org/support/topic/potential-harm-in-comments/) * Besides the clutter of spam, is there any way comments can be harmful to a WordPress site? For example, posting some kind of code that’s malicious? * I want individuals to have uncensored freedom to post and I can get an anti-spam plugin. Am I missing any potential problems of limited moderation other than vile posts and occasional spam that an anti-spam program does not catch? Viewing 4 replies - 1 through 4 (of 4 total) * [catacaustic](https://wordpress.org/support/users/catacaustic/) * (@catacaustic) * [10 years, 2 months ago](https://wordpress.org/support/topic/potential-harm-in-comments/#post-7279405) * If you allow _completely_ unfiltered text, then yes, it’s very easy to post something harmful. * The main culprit would be JavaScript, which can cause some serious isuses, but depending on how your site is set up you may also have PHP code added that executes on your server, and that woudl be somewhere close to catastrpohic. * Thread Starter [Gibbon355](https://wordpress.org/support/users/gibbon355/) * (@gibbon355) * [10 years, 2 months ago](https://wordpress.org/support/topic/potential-harm-in-comments/#post-7279413) * Catacaustic, do the default WordPress settings catch javascript or php? Is there something that has to be checked under Discussion Settings or are there plugins I could get? * I basically want a comment section like Google blogspots where people can choose certain identities like Facebook, WordPress, etc… or be anonymous: * [http://robinlynsey.blogspot.com/2015/11/possum.html#comment-form](http://robinlynsey.blogspot.com/2015/11/possum.html#comment-form)( not my site) * I’m planning on getting Anti-Spam by CleanTalk for spam but what plugin would look like Google Blogspot and also catch malicious code? * [catacaustic](https://wordpress.org/support/users/catacaustic/) * (@catacaustic) * [10 years, 2 months ago](https://wordpress.org/support/topic/potential-harm-in-comments/#post-7279415) * The standard WordPres systems only allow some basic HTML tags, and will strip out anything that’s JavaScript or PHP. On top of that PHP won’t run in a comment section unless you install a plugin that specifically tells it too, which is a very bad idea. * As far as choosing who you’re commenting as, that’s a very different thing. There might be some plugins out there that enable that, but I haven’t gone looking for them so hopefully someone else out there may have some morr idea than I do. * Thread Starter [Gibbon355](https://wordpress.org/support/users/gibbon355/) * (@gibbon355) * [10 years, 2 months ago](https://wordpress.org/support/topic/potential-harm-in-comments/#post-7279422) * Ok, Thanks. Seems like I’d have to go really out of my way to have a scenario where someone could type in effective Javascript or php in the comment section. * Please comment if anyone knows how I can get my comments to look like: [http://robinlynsey.blogspot.com/2015/11/possum.html#comment-form](http://robinlynsey.blogspot.com/2015/11/possum.html#comment-form) * Basically a Google Blogspot look. Viewing 4 replies - 1 through 4 (of 4 total) The topic ‘Potential harm in comments?’ is closed to new replies. * In: [Everything else WordPress](https://wordpress.org/support/forum/miscellaneous/) * 4 replies * 2 participants * Last reply from: [Gibbon355](https://wordpress.org/support/users/gibbon355/) * Last activity: [10 years, 2 months ago](https://wordpress.org/support/topic/potential-harm-in-comments/#post-7279422) * Status: not resolved ## Topics ### Topics with no replies ### Non-support topics ### Resolved topics ### Unresolved topics ### All topics