html comments

In this tutorial we will show you how you can disable HTML tags in your WordPress comments.

By default, WordPress allows certain HTML tags within comments, such as <a>, <em>, <strong>, etc. If you look, you will notice that a lot of SPAM comments also contain these tags. Most SPAM comments are made by bots and scripts, which use HTML tags. Simply disabling HTML in your WordPress comments can prevent a lot of SPAM.

Only active HTML tags will be disabled in this tutorial. For example, someone could still post something like:

&lt;a&gt;&lt;em&gt;&lt;strong&gt;

It will appear, but the tags will be ineffective: if the strong tag is used, for instance, the text will not be bolded. Furthermore, few SPAM bots take the trouble to do this, because it takes a long time and is not lucrative for them.

To do so, simply open your functions.php file and add the following code:

 

    // This will occur when the comment is posted
    function plc_comment_post( $incoming_comment ) {
        // convert everything in a comment to display literally
        // ENT_COMPAT leaves single quotes alone (PHP 8.1+ would otherwise turn them into &#039;)
        $incoming_comment['comment_content'] = htmlspecialchars( $incoming_comment['comment_content'], ENT_COMPAT );
        // the one exception is single quotes, which cannot be &#039; because WordPress marks it as spam
        $incoming_comment['comment_content'] = str_replace( "'", '&apos;', $incoming_comment['comment_content'] );
        return $incoming_comment;
    }

    // This will occur before a comment is displayed
    function plc_comment_display( $comment_to_display ) {
        // Put the single quotes back in
        $comment_to_display = str_replace( '&apos;', "'", $comment_to_display );
        return $comment_to_display;
    }

    // Hook both functions into WordPress; without these lines they are never called
    add_filter( 'preprocess_comment', 'plc_comment_post' );
    add_filter( 'comment_text', 'plc_comment_display' );
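
To see what these two functions store and send back, the following added example (not code from the original tutorial or from Peter's Literal Comments) applies the same transformations to constructed comments from the PHP command line. The names store_form, display_form and audit_stored and the sample inputs are hypothetical.

```php
<?php
// Added example: run with the PHP CLI, outside WordPress. The function names
// and sample comments are constructed for illustration.

// Storage-time transformation, as in plc_comment_post(), on a plain string.
function store_form( string $text ): string {
    // ENT_COMPAT escapes & < > " and leaves ' for the &apos; step below.
    $text = htmlspecialchars( $text, ENT_COMPAT, 'UTF-8' );
    return str_replace( "'", '&apos;', $text );
}

// Display-time transformation, as in plc_comment_display().
function display_form( string $stored ): string {
    return str_replace( '&apos;', "'", $stored );
}

// Lists the problems found in a stored comment; an empty list means inert.
function audit_stored( string $stored ): array {
    $problems = array();
    if ( preg_match( '/[<>"]/', $stored ) ) {
        $problems[] = 'raw markup character survived';
    }
    if ( strpos( $stored, '&#039;' ) !== false ) {
        $problems[] = 'contains &#039;, the form the tutorial says is marked as spam';
    }
    return $problems;
}

$samples = array( // constructed inputs
    'link'        => '<a href="http://spam.example/">cheap pills</a>',
    'pre-escaped' => '&lt;strong&gt;already escaped&lt;/strong&gt;',
    'apostrophe'  => "It's a <em>great</em> post",
);

foreach ( $samples as $name => $raw ) {
    $stored   = store_form( $raw );
    $problems = audit_stored( $stored );
    printf( "%-12s stored:  %s\n", $name, $stored );
    printf( "%-12s display: %s\n", '', display_form( $stored ) );
    printf( "%-12s audit:   %s\n\n", '', $problems ? implode( '; ', $problems ) : 'inert' );
}

// ENT_QUOTES (the default since PHP 8.1) turns the apostrophe into &#039; instead.
$quoted = htmlspecialchars( $samples['apostrophe'], ENT_QUOTES, 'UTF-8' );
printf( "%-12s audit:   %s\n", 'ENT_QUOTES', implode( '; ', audit_stored( $quoted ) ) );
```

The pre-escaped sample is encoded a second time, so a commenter who types entities sees them displayed literally rather than as markup.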

If you don’t want to manually apply this code, the original author also has a plugin available for download. Peter’s Literal Comments is a simple plugin to install and activate.

This method is preferable because it does not require changing the core files. If you do wish to make changes to your core files, go to wp-includes/kses.php and make changes there. (This is not recommended, but it is included for educational purposes. For further information, see the WordPress Codex.)

 
