One of the first things I noticed when converting my Genesis child theme from XHTML to HTML 5 was the changes to the comment form. By default, WordPress includes comment form allowed tags in the source code.
The problem I have found with these tags is that they can attract spam comments which include HTML links.
This may have something to do with the fact the source code for the comments form includes code which can be easily scanned by link posting spam bots.
Comment Notes After
comment_notes_after generates a string of text which is displayed after the set of comment fields.
You can view the exact code included in the WordPress comments form template WordPress comments template.
Here’s the code which I extracted from the comments template.
Here’s an image of the default code for comments notes after.
This code is basically telling spam bots that they can leave HTML links in your comments form which will certainly increase the rate of spam you need to moderate.
Preventing Comment Form Spam
No doubt its easy to stop spam comments by configuring your Discussion settings so that all comments require approval by an administrator but that still causes frustration and no one likes that.
Akismet does a pretty good job of filtering spam comments but I have noticed the addition of comment form allowed tags increases the amount of comments which need moderating.
So what’s the best solution?
Remove the allowed tags from the comment form completely using a PHP filter or hide it using CSS code.
CSS code won’t remove the source code which spam bots scan so its far better to use PHP code to solve this problem once and for all.
Unset & Remove Form Allowed Tags
Using the WordPress comments_form_default filter you can prevent the text from displaying form allowed tags after the comment fields.
Here’s the code to unset and remove the comment form allowed tags. It also removes the string of text and HTML before and after the comments form.
You could also use the genesis_comment_form_args filter to do the same job and i will add that code to this post shortly.
Plugin
This plugin also removes comment for allowed tags as well as before and after notes.
Remove Other Comment Form Fields
If you want to customize your comment form further and reduce the chance of comment spam, here’s a post about how to reduce comment spam.
The post also includes code to remove the web site URL field from the comments form which will help prevent spam comments further.
How Effective Is This Solution
Since i have removed the comment form allowed tags from this site, the spam has stopped completely.
How about you? Did you update to HTML 5 and have the same problem? Did removing the allowed tags solve the problem?
More Solutions For Customizing Your Comment Form
- Customize Comment Form Text Area & Label
- Open Comment Author Link In New Window
- Modify Text Before & After Comment Form
- Customize Comment Form Place Holder Input Text Fields & Labels
- Style Comment Form Submit Button
- Remove Comment Form Support From Any WordPress Theme
Do You Have Any Tips?
Please share any tips you have or experience preventing comment spam. Thanks
The code works seamless, thanks. How can I remove the website url in the comment box and which of the plugins is best for subscribe to comment?
Thanks
I use Jetpack for subscribe to comment but i think there are others you can test.
Try this plugin removes both comment form allowed tags and the website URL field so you will need to remove the code which you added.
http://wordpress.org/plugins/stop-comment-form-spam/
I’ve tried using this code along with the Bones starter theme to no avail.
I can’t seem to pinpoint why altering these fields doesn’t work as it should with this theme. Any other theme I’ve tested against seems to work. I can’t find the hook or filter that needs to be used to adjust the bones theme.
Hello Evan
Works perfectly on bones based on my testing.
Thanks for this. Is there an equivalent solution for trackbacks? Even though all the trackback settings are disabled for my clients, they still get a ton of spammy trackbacks!
In the discussion settings you can turn them off.
I read another of your posts, and I deleted the wp-trackbacks.php file.
Didn’t know you could do that. Thanks for the tip Jon.
Maybe I misread, but here is where I got the idea http://wpsites.net/wordpress-admin/what-is-a-pingback/
I don’t know why, but on multiple WP installations with Genesis, it ignores my having turned off the trackbacks in discussion settings. I realize that without the wp-trackbacks I won’t get any pingbacks or trackbacks, but every single one was spam anyway.
I thought the only way to get them to display on the front end was to add code to make it happen however you’re the 2nd person who has mentioned this recently. Not sure whats causing this but i will keep a look out on the forums for a solution.
Thanks Brad I had been searching everywhere for this fix for the messy looking comment box text which may bamboozle the average punter – worked great – thanks again.
No worries Steve.
Thanks Brad. I was looking for a simple way to do this and your way worked a treat!
No worries Martin
Thanks for the tip! Did you find the genesis_comment_form_args filter way to do the same job?
No need to use genesis filters because Genesis 2.0 and WordPress 3.6 supports HTML 5 so the comment form function can be filtered using the WordPress filters.
Just what I needed, thank you and also for your help on the Genesis forum.
Anytime Emasai.
Hi Brad
I used to use Akismet but had to check the spam comments a couple of times a day to make sure that genuine comments haden’t been thrown into the spam.
These days I use the Growmap Anti Spambot Plugin by Andy Bailey the Comment Luv guy.
I also use the Simple Trackback Validation plugin.
Still get a bit of spam but at least I know that they have had to post it manually!
I notice that you don’t have a URL field for your commenters, which you presumably do to discourage spam comments.
Hi Keith
Seems the GASP solution is popular and works well.
I have found that since i removed the allowed tags, the spam has disappeared totally.
Can’t be certain its related to that but it seems likely.
I get less comments after removing the website url field but i feel the comments are far more genuine now.
Thanks for the comment.