Trusted WordPress tutorials, when you need them most.
Beginner’s Guide to WordPress
25 Million+
Websites using our plugins
Years of WordPress experience
WordPress tutorials
by experts

How to Reduce WordPress Comment Spam with Cookies for Comments

Editorial Note: We earn a commission from partner links on WPBeginner. Commissions do not affect our editors' opinions or evaluations. Learn more about Editorial Process.

A growing site comes with new challenges and one of them is comment spam. Thankfully, there are plenty of solutions to effectively fight comment spam. For example, using Akismet you can effectively reduce comment spam. You can also use CAPTCHA to block spamming bots. In this article, we will show you how to reduce WordPress comment spam with Cookies for Comments.

First thing you need to do is install and activate the Cookies for Comments plugin. The plugin works out of the box and there are no settings for you to configure.

How Cookies for Comments Work?

Most of the comment spam is submitted by spam bots. These spam bots are basically software scripts that crawl the web looking for comment forms and then submit spam comments.

To spam thousands of websites, these programs don’t load images and stylesheets. The text on a page is enough for them to determine the presence of a comment form.

Cookies for comments plugin loads a stylesheet or an image when a page on your WordPress site is accessed. If the user’s browser downloads the stylesheet or image file, then the plugin sets a cookie in the user’s browser.

The plugin checks for the cookie when any user tries to post a comment. If the cookie exists, then this means that the user is not a spam bot.

If the cookie does not exist, then the user is most likely a spam bot, and the comment they submit is marked as spam.

How To Completely Stop The Spam Bots From Commenting

Cookies for Comments will successfully detect spammers, but it will let them post a comment. This comment goes into spam comments. With little more effort, you can stop the bots from posting a comment altogether.

To do that, you will need to find out the cookie value. Right click anywhere on the your website, and then select View Page Source.

Opening page source view in Google Chrome

This will open a new tab in your browser showing the page’s HTML source. You need to scroll down to the bottom of the page until you find a line similar to this one:

<img alt='css.php' src=";o=i&amp;t=201927728" width='1' height='1' />

The value after css.php?k= is the value of the cookie. Like in this example, it is 9692e3a737ecafe8fe6329490410ff50. You will need this value in the next step.

Now you need to connect to your website using an FTP client and edit the .htaccess file. Simply paste this code before anything else in your .htaccess file.

RewriteRule ^wp-comments-post.php - [F,L]

You need to replace XXX with the cookie value.

That’s all. Your .htaccess file will now look for a cookie value and when it is not found, it will stop the user from commenting.

We hope this article helped you reduce WordPress comment spam on your site.

If you liked this article, then please subscribe to our YouTube Channel for more WordPress video tutorials. You can also find us on Twitter and Google+.

Disclosure: Our content is reader-supported. This means if you click on some of our links, then we may earn a commission. See how WPBeginner is funded, why it matters, and how you can support us. Here's our editorial process.

Editorial Staff

Editorial Staff at WPBeginner is a team of WordPress experts led by Syed Balkhi with over 16 years of experience in WordPress, Web Hosting, eCommerce, SEO, and Marketing. Started in 2009, WPBeginner is now the largest free WordPress resource site in the industry and is often referred to as the Wikipedia for WordPress.

The Ultimate WordPress Toolkit

Get FREE access to our toolkit - a collection of WordPress related products and resources that every professional should have!

Reader Interactions

9 CommentsLeave a Reply

  1. Syed Balkhi says

    Hey WPBeginner readers,
    Did you know you can win exciting prizes by commenting on WPBeginner?
    Every month, our top blog commenters will win HUGE rewards, including premium WordPress plugin licenses and cash prizes.
    You can get more details about the contest from here.
    Start sharing your thoughts below to stand a chance to win!

  2. leetramp says

    I’m running WP 3.9 and WP warns that this plugin has not been tested with this 3.9. Is this something you can work on resolving? (And, thanks for the what looks like a great plugin!)

    [I’m also running a WP 4.0 site, and I just installed the plugin on both. I’ll let you know if this works for me.]

Leave A Reply

Thanks for choosing to leave a comment. Please keep in mind that all comments are moderated according to our comment policy, and your email address will NOT be published. Please Do NOT use keywords in the name field. Let's have a personal and meaningful conversation.