By default, WordPress allows certain HTML tags within comments, such as If you notice that many of the SPAM comments also contain these tags. Most SPAM comments are made by bots and scripts, which use HTML tags. If you simply disable the HTML of your WordPress comments, you can prevent a lot of SPAM. In this tutorial, we will show you how you can disable HTML tags in your WordPress comments.
This tutorial will only disable active HTML tags. So someone can still post something like:
And it will be displayed, but the labels will not be functional. So if someone uses the strong tag, it won't make the text bold. Also, not many SPAM bots have time to do this because this way is time consuming and not beneficial for them.
All you have to do is simply open your functions.php and add the following code:
// Esto ocurrirá cuando se publique el comentario. Función plc_comment_post ($ incoming_comment) // convertir todo en un comentario para mostrar literalmente $ incoming_comment ['comment_content'] = htmlspecialchars ($ incoming_comment ['comment_content']); // la única excepción son las comillas simples, que no pueden ser # 039; porque WordPress lo marca como correo no deseado $ incoming_comment ['comment_content'] = str_replace ("'",''', $ incoming_comment [' comment_content ']); return ($ incoming_comment); // Esto ocurrirá antes de que se muestre un comentario. Función plc_comment_display ($ comment_to_display) // Ponga las comillas simples en $ comment_to_display = str_replace (''', "'", $ comment_to_display); devuelve $ comment_to_display;
If you don't want to add this code manually, the original author also offers a plugin that you can download. Simply install and activate Peter's Verbatim Comment Plugin.
The reason this way is better is because it doesn't require you to change the core files. If you want to edit your core files, you can go to wp-includes/kses.php and edit the codes there. (This is not Recommended, but is here for the sake of knowledge. (WP Codex for more details)