Allow posting only from my domain?

  • I’ve heard about this but I can’t seem to search/google it with the right words to find out how.

    How can I make it so that wordpress will only accept comments coming from my domain? I hope I’m describing that right.

    I’ve read that there’s a way to only allow posting to your website *from* your website.

    Has anyone else heard of this? Can someone tell me more specifically how to do this?

    Thanks

Viewing 6 replies - 1 through 6 (of 6 total)

  • Not sure I really understand what you are wanting to achieve.

    Most people would have to be at your site to comment. They would write a comment in the comment box and hit submit.

    If you are concerned with spammers sending you comments automatically then you need to activate Akismet, or SK2 or some other anti spam WP plugin.

    Hope that helps!

    I know what you want and I can help ??

    Assuming you have not renamed wp-comments-post.php to something else. I have, so you never know…

    RewriteCond %{HTTP_REFERER} "!^https://www.domain.org/.*$" [NC]
    RewriteCond %{REQUEST_URI} ".*wp-comments-post.php$"
    RewriteRule .* - [F]

    Change domain.org to your domain name, and you should have what you want. And obviously, you might need to mess with the regex for your particular set-up, ie, blog.domain.org or not using the www. etc..

    This is, by far, one of the smartest and simplest things people can do to ease the spam.

    that 3 line snip goes in your .htaccess

    —————–

    johnoz,

    Unfortunately, it is possible to send an http_post and using the proper variables, to insert comments from a remote site.

    Its a VERY common spammer technique, and log watchers can easily see those attempts: theyre hits to wp-comments-post.php with a referer other than your site.

    Thanks whooami

    You learn something new every day! ??

    Since this thread is being linked to, decided to post here.

    Whooami’s advice is a quick-fix, but doesn’t necessarily block spammers, and has a side-effect:

    First, the referrer is SENT by the browser (or spammer). It can easily be set to the domain, in which case this was just a waste of time. ??

    Second, anyone who doesn’t have send-referrers active (or blocked via firewall products, etc.) is now blocked from posting comments (which may or may not be a desirable side effect… ?? ).

    Just wanted to make sure the details were all there.

    well youre correct in all of the above except for one thing :

    “doesnt necessarily block spammers”

    thats patently untue, and I have server logs to prove it. It does block spammers – spammers that arent smart enough to send a referer, and guess what, ALOT of them dont.

    Furthermore, please notice the topic to this title. I answered his question, plain and simple.

    I do recall reading somewhere about advice, telling someone this that and the other was not neccessarily the preferred way of answering questions.

Viewing 6 replies - 1 through 6 (of 6 total)
  • The topic ‘Allow posting only from my domain?’ is closed to new replies.