WPBeginner

Beginner's Guide for WordPress

  • Blog
    • Beginners Guide
    • News
    • Opinion
    • Showcase
    • Themes
    • Tutorials
    • WordPress Plugins
  • Start Here
    • How to Start a Blog
    • Create a Website
    • Start an Online Store
    • Best Website Builder
    • Email Marketing
    • WordPress Hosting
    • Business Name Ideas
  • Deals
    • Bluehost Coupon
    • SiteGround Coupon
    • WP Engine Coupon
    • HostGator Coupon
    • Domain.com Coupon
    • Constant Contact
    • View All Deals »
  • Glossary
  • Videos
  • Products
X
☰
Beginner's Guide for WordPress / Start your WordPress Blog in minutes
Choosing the Best
WordPress Hosting
How to Easily
Install WordPress
Recommended
WordPress Plugins
View all Guides

WPBeginner» Blog» Tutorials» How to Disable HTML in WordPress Comments

How to Disable HTML in WordPress Comments

Last updated on March 21st, 2015 by Editorial Staff
3 Shares
Share
Tweet
Share
Pin
Free WordPress Video Tutorials on YouTube by WPBeginner
How to Disable HTML in WordPress Comments

By default, WordPress allows certain HTML tags within the comments such as <a> <em> <strong> etc. If you notice a lot of SPAM comments also contain these tags. Most SPAM comments are made by bots and scripts, which are using HTML tags. If you simply disable HTML from your WordPress comments, it can prevent a lot of SPAM. In this tutorial we will show you how you can disable HTML tags in your WordPress comments.

This tutorial will only disable active HTML tags. So someone can still post something like:

&lt;a&gt;&lt;em&gt;&lt;strong&gt;

And it will show up, but the tags will not be functional. So if someone uses the strong tag, it won’t bold the text. Besides not many SPAM bots have time to do this because this way takes up a lot of time and it is not beneficial for them.

All you have to do is simply open your functions.php and add the following code:

    // This will occur when the comment is posted
    function plc_comment_post( $incoming_comment ) {

    // convert everything in a comment to display literally
    $incoming_comment['comment_content'] = htmlspecialchars($incoming_comment['comment_content']);

    // the one exception is single quotes, which cannot be #039; because WordPress marks it as spam
    $incoming_comment['comment_content'] = str_replace( "'", '&apos;', $incoming_comment['comment_content'] );

    return( $incoming_comment );
    }

    // This will occur before a comment is displayed
    function plc_comment_display( $comment_to_display ) {

    // Put the single quotes back in
    $comment_to_display = str_replace( '&apos;', "'", $comment_to_display );

    return $comment_to_display;
}

If you don’t want to manually add this code yourself, then the original author also offers a plugin that you can download. Simply install and activate Peter’s Literal Comments plugin.

The reason why this way is better is because it does not require you to change the core files. If you want to edit your core files then you may go to wp-includes/kses.php and edit the codes there. (This is not Recommended, but it is here for the sake of knowledge. (WP Codex for more details)

3 Shares
Share
Tweet
Share
Pin
Popular on WPBeginner Right Now!
  • Revealed: Why Building an Email List is so Important Today (6 Reasons)

    Revealed: Why Building an Email List is so Important Today (6 Reasons)

  • Checklist

    Checklist: 15 Things You MUST DO Before Changing WordPress Themes

  • How to Start Your Own Podcast (Step by Step)

    How to Start Your Own Podcast (Step by Step)

  • Google Analytics in WordPress

    How to Install Google Analytics in WordPress for Beginners

About the Editorial Staff

Editorial Staff at WPBeginner is a team of WordPress experts led by Syed Balkhi. Trusted by over 1.3 million readers worldwide.

The Ultimate WordPress Toolkit

23 Comments

Leave a Reply
  1. Gwyneth Llewelyn says:
    May 28, 2020 at 11:25 am

    Unfortunately, the Peter’s Literal Comments plugin is not active any longer; it has been updated last in 2015, and may not even work on recent versions any more. You might need to recommend a different plugin instead…

    Reply
    • WPBeginner Support says:
      May 29, 2020 at 8:48 am

      Thank you for letting us know that the plugin is not active a the moment. When we look at updating the article we will look for an alternative :)

      Reply
  2. KM Shariful says:
    Mar 9, 2018 at 10:29 pm

    What html codes I can use in comment box of wordpress site as a visitor?

    Reply
    • WPBeginner Support says:
      Mar 10, 2018 at 5:17 pm

      Hi,

      You can use the following HTML tags in comments by default.

      <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

      Reply
  3. San Solanki says:
    Jun 6, 2016 at 5:35 am

    Very well written article, i always follow your blog for all my wordpress problems thnks

    Reply
  4. Ekesmall says:
    Nov 9, 2015 at 2:23 pm

    Is not working here………anyway round??

    Reply
  5. Sandile Nxumalo says:
    Oct 3, 2015 at 11:21 am

    After all these years, this still works. Thanks

    Reply
  6. carlo says:
    Mar 20, 2015 at 10:10 pm

    Dude, you forgot the closing tag }

    Reply
    • WPBeginner Support says:
      Mar 21, 2015 at 6:41 am

      Thanks for pointing out, we have fixed the code snippet.

      Reply
  7. anshu says:
    Apr 14, 2014 at 5:56 am

    there are lots of commnts on my every blog post … how to disable HTML hyperlink so that i can prevent my blog post from spam

    Reply
  8. falvarez says:
    Nov 7, 2012 at 4:38 am

    I think that something is missing. You should add your function plc_comment_display() to the filter stack like this:

    add_filter(‘comment_text’, ‘plc_comment_display’);

    Regards.

    Reply
  9. johnroypaul says:
    Apr 5, 2012 at 4:19 am

    Brilliant article thanks! Seems to work perfectly well with the latest versions of wordpress as well (3.3) Made the code a lot cleaner as mentioned and seems to have made life easier when trying to implement the comments form into side areas ect. (Had a nightmare with previous use of the normal code)

    Reply
  10. wordpress hosting says:
    Jan 19, 2012 at 5:46 am

    The more mature you are, the harder at risk you are for getting something undesirable happen to you while overseas. Thanks for revealing your suggestions on this blog.You have good grapes on wordpress thanks for making my problem so easy .

    Reply
  11. Kamal says:
    Mar 21, 2010 at 2:23 am

    Great, by this way one can ensure that nobody drops links in the comment box. I really hate to see people doing that unnecessarily.

    Reply
  12. shoaib hussain says:
    Feb 18, 2010 at 5:25 am

    Nice piece of code,but if you happen to use thesis like I am,only needs to check a radio button and the html code vanishes.

    Reply
    • Editorial Staff says:
      Feb 19, 2010 at 9:02 am

      Yes you are right, but we are not supporting Thesis on this site because it is not compatible with the GPL License.

      Reply
  13. Cruz3N says:
    Feb 3, 2010 at 6:21 pm

    Its confused me Bro, but i make some simple plugin that allow you to replace with &gt ;

    <?php
    /*
    Plugin Name: Filter Comments
    Plugin URI: http://cruzenaldo.com/plugin-sederhana-filter-komentar/
    Description: Plugin sederhana untuk melakukan filterisasi terhadap komentar dan mencegah user menginput tag – tag HTML
    Author: Cruz3N
    Author URI: http://www.cruzenaldo.com/
    Version: 1.0
    */

    function my_function ($text) {
    $text = str_replace('’, ‘&gt ;’, $text);
    return $text;
    }

    add_filter(‘comment_text’, ‘my_function’);
    ?>

    You can modification that better… Hope usefull

    Download here
    http://www.box.net/shared/rgb4lmt5uy

    And this is my ugly blog :p
    http://cruzenaldo.com/

    Best Regard
    Cruz3N

    Reply
  14. Infographiste says:
    Jan 30, 2010 at 1:12 pm

    Thank you for the useful tuto and easy to follow. I’ve found another one explaining how to disable HTML but was to hard and badly explained, anyway thanks again and have a great week end :)

    Reply
  15. michelle says:
    Jan 1, 2010 at 9:26 am

    this great and should help to block out loads of spam :) thanks

    Reply
  16. Blogger Pemula says:
    Dec 27, 2009 at 8:34 pm

    Thanks for the Great Tips.
    Is it affecting commentluv plugin?

    Reply
    • Editorial Staff says:
      Dec 28, 2009 at 10:37 am

      Haven’t tried yet, but don’t think it should.

      Reply
  17. Ms. Freeman says:
    Nov 11, 2009 at 12:21 pm

    This will be of great help from those spam bots that try to leave comments with twenty or so links…LOL:) Thanks

    Reply
  18. Jad Limcaco says:
    Nov 10, 2009 at 1:08 pm

    Thanks! Didn’t know how to do this before.

    Reply

Leave a Reply Cancel reply

Thanks for choosing to leave a comment. Please keep in mind that all comments are moderated according to our comment policy, and your email address will NOT be published. Please Do NOT use keywords in the name field. Let's have a personal and meaningful conversation.

Over 1,320,000+ Readers

Get fresh content from WPBeginner

Featured WordPress Plugin
MonsterInsights
MonsterInsights
Google Analytics made easy for WordPress. Learn More »
How to Start a Blog How to Start a Blog
I need help with ...
Starting a
Blog
WordPress
Performance
WordPress
Security
WordPress
SEO
WordPress
Errors
Building an
Online Store
Useful WordPress Guides
    • 7 Best WordPress Backup Plugins Compared (Pros and Cons)
    • How to Fix the Error Establishing a Database Connection in WordPress
    • Why You Need a CDN for your WordPress Blog? [Infographic]
    • 30 Legit Ways to Make Money Online Blogging with WordPress
    • Self Hosted WordPress.org vs. Free WordPress.com [Infograph]
    • Free Recording: WordPress Workshop for Beginners
    • 24 Must Have WordPress Plugins for Business Websites
    • How to Properly Move Your Blog from WordPress.com to WordPress.org
    • 5 Best Contact Form Plugins for WordPress Compared
    • Which is the Best WordPress Popup Plugin? (Comparison)
    • Best WooCommerce Hosting in 2021 (Comparison)
    • How to Fix the Internal Server Error in WordPress
    • How to Install WordPress - Complete WordPress Installation Tutorial
    • Why You Should Start Building an Email List Right Away
    • How to Properly Move WordPress to a New Domain Without Losing SEO
    • How to Choose the Best WordPress Hosting for Your Website
    • How to Choose the Best Blogging Platform (Comparison)
    • WordPress Tutorials - 200+ Step by Step WordPress Tutorials
    • 5 Best WordPress Ecommerce Plugins Compared
    • 5 Best WordPress Membership Plugins (Compared)
    • 7 Best Email Marketing Services for Small Business (2021)
    • How to Choose the Best Domain Registrar (Compared)
    • The Truth About Shared WordPress Web Hosting
    • When Do You Really Need Managed WordPress Hosting?
    • 5 Best Drag and Drop WordPress Page Builders Compared
    • How to Switch from Blogger to WordPress without Losing Google Rankings
    • How to Properly Switch From Wix to WordPress (Step by Step)
    • How to Properly Move from Weebly to WordPress (Step by Step)
    • Do You Really Need a VPS? Best WordPress VPS Hosting Compared
    • How to Properly Move from Squarespace to WordPress
    • How to Register a Domain Name (+ tip to get it for FREE)
    • HostGator Review - An Honest Look at Speed & Uptime (2021)
    • SiteGround Reviews from 4464 Users & Our Experts (2021)
    • Bluehost Review from Real Users + Performance Stats (2021)
    • How Much Does It Really Cost to Build a WordPress Website?
    • How to Create an Email Newsletter the RIGHT WAY (Step by Step)
    • Free Business Name Generator (A.I Powered)
    • How to Create a Free Business Email Address in 5 Minutes (Step by Step)
    • How to Install Google Analytics in WordPress for Beginners
    • How to Move WordPress to a New Host or Server With No Downtime
    • Why is WordPress Free? What are the Costs? What is the Catch?
    • How to Make a Website in 2021 – Step by Step Guide
Deals & Coupons (view all)
LiveChat logo
LiveChat Inc Coupon
Get a 30 day free trial and 30% OFF LiveChat, one of the best live chat service providers for WordPress users.
LearnDash
LearnDash Coupon
Get the lowest price on the best learning management system (LMS) plugin for WordPress.
Featured In
About WPBeginner®

WPBeginner is a free WordPress resource site for Beginners. WPBeginner was founded in July 2009 by Syed Balkhi. The main goal of this site is to provide quality tips, tricks, hacks, and other WordPress resources that allows WordPress beginners to improve their site(s).

Join our team: We are Hiring!

Site Links
  • About Us
  • Contact Us
  • FTC Disclosure
  • Privacy Policy
  • Terms of Service
  • Free Blog Setup
  • Free Business Tools
  • Growth Fund
Our Sites
  • OptinMonster
  • MonsterInsights
  • WPForms
  • SeedProd
  • Nameboy
  • RafflePress
  • Smash Balloon
  • AIOSEO

Copyright © 2009 - 2021 WPBeginner LLC. All Rights Reserved. WPBeginner® is a registered trademark.

Managed by Awesome Motive | WordPress hosting by SiteGround | WordPress Security by Sucuri.