How to block WordPress spam comments with .htaccess?

Thanks to AllGuru.NET. Its WordPress security hardening using .htaccess really helps to reduce lot of spam comments. I added below lines in .htaccess file few weeks back. And my total spam comments were reduced from 10,000++ to 3,000 comments now. If I did not install the scripts, the spam comments will stay at 10K++ level.

# Protect from spam comments
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{REQUEST_URI} .wp-comments-post\.php*
RewriteCond %{HTTP_REFERER} !.*DomainName.* [OR]
RewriteCond %{HTTP_USER_AGENT} ^$
RewriteRule (.*) ^http://%{REMOTE_ADDR}/$ [R=301,L]

Note – replace DomainName to your own domain name without .com or .net. Eg. RewriteCond %{HTTP_REFERER} !.*spblogger.* [OR]

This method will stop some spam comments from autobots. But can’t stop real human’s spam comments. I don’t mind about human’s spam comment because I have extra page view. And I always count on WordPress Akismet plugin to block them.

via: AllGuru.NET

  • Glad to hear it reduce 70% of the spam comment. Not too bad huh Hehehe.

    • Yeah, AllGuru.NET is the best. 😉

  • SK

    Have to try this one out. 🙂
    Anything to reduce spam comments.

  • Great tips. I have configure my htaccess. Hope it helps to reduce the spam comments.

  • Austin


    I am a newbee to the .htaccess file. I do not understand what I am replacing this (xyz.* ) with. Would it be or


    • Just replace *xyz.* with *myblog.* will do.

      • Austin

        Thanks…so it does not matter that my website is a static site with a WP blog located in the blog diectory?

  • ken

    is there any specific location to paste the codes?
    at the top? at the bottom? in between?

  • Thanks for a great tip – been getting so many spam comments recently and it seems they are clearly from bots… hope this helps!