Comment Spam Reduction from Rename of WordPress wp-comments-post.php

Renaming WordPress wp-comments-post.php File May Reduce Spam Comments

Allowing comments on a WordPress post is a way of engaging users and helps with encouraging repeat visits. However, there are far to many malicious web sites that want to use the WordPress comments feature to post links to themselves. This is often attempted by automated software called bots. The bots (software robots) will bypass any comment posting checks (such as CAPTCHA) and access the comment posting code directly via the WordPress file wp-comments-post.php. You can reduce the chance of comment spam by renaming wp-comments-post.php, this tutorial shows how to do it. Please note this will involve changes to your WordPress installation. Always ensure regular backups of the web site are available, just in case anything needs to be restored. (Most web hosting providers give access to a back up facility on top of their own backup routines. Contact your hosting provider to find out how to perform a specific backup of your web site.)

Another Advantage of Renaming wp-comments-post.php to Reduce Comment Spam

Every time comment spam is posted the web server that the site is hosted on has to consume resources. It runs PHP code and code to access the WordPress database. Executing code and sending the response out to the wp-comments-post.php request uses server resources. If the web site is on a low cost shared hosting plan then there is a limit to the resources available. Wasting resources responding to bots could result is proper visitors experiencing slow page responses. Renaming wp-comments-post.php can help lower overall server resource usage.

Renaming wp-comments-post.php

In this example the new name for the wp-comments-post.php file is going to be my-comments.php. Use what ever name is suitable.

The wp-comments-post.php file is a WordPress code file that is called from another WordPress code file called comment-template.php, in the directory wp-includes. If not using a standard WordPress theme then comments may be handled differently, check with the theme provider to see if the theme calls wp-comments-post.php.

The file comment-template.php is edited to change the reference to wp-comments-post.php to my-comments.php, at line 2022. In this tutorial it is assumed the web site is using the latest version of WordPress. If the web site hosting company does not have tools to change files on line then work locally with the files and upload them to the web server when ready. For example on a Windows machine use a text editor to edit a local copy of comment-template.php, remember it is in the wp-includes folder. The Windows Notepad program is not suitable for editing comment-template.php because of the line formatting style used in the file. Instead use a program such as Notepad++ to edit source code files.

(To get a local copy of the files use the web hosting tools to download the files. Alternatively download a zipped copy of WordPress from WordPress.org and unzip the files to a local directory.)

WordPress Updates May Require a Re-Edit of wp-comments-post.php

Since comment-template.php is a core WordPress file any WordPress updates may restore the original wp-comments-post.php name. After a WordPress update check that comment-template.php has not been changed. If it has edit it again to change the reference to wp-comments-post.php back to my-comments.php or whatever name was used.

Changing the theme-compat Directory

The file wp-comments-post.php is also referenced in the directory wp-includes/theme-compat, in comments-popup.php and comments.php. These files are deprecated (no longer used by the lastest WordPress releases). They are present in order to support old themes that have not been updated. If using the standard WordPress themes or other modern themes then these files can be deleted. Otherwise also change the reference to wp-comments-post.php to the new file name in both comments-popup.php and comments.php.

Copy wp-comments-post.php to the New File

With the name changed the next step is to copy wp-comments-post.php to the new file name, here called my-comments.php, use the name you have chosen. If doing this locally upload the new file to the wp-includes directory on the web site. If wp-comments-post-php gets changed in a WordPress update remember to copy the new version to a new my-comments.php.

Remove the Content of the Original wp-comments-post.php File

After creating the replacement wp-comments-post.php file the bots will still be trying to access the original. Therefore delete it. This will cause the web server to reply with a 404 error page. Alternatively to reduce the resources used to serve the 404 error page keep the wp-comments-post.php page but just delete all its contents. The bot is then just accessing a zero length file that does nothing.

Hopefully changing the wp-comments-post.php file in the web site’s WordPress installation will reduce the number of annoying comment spam that clutters the site administration pages as well as the time need to handle it.

Test the Changes Made to the Site to Reduce Comment Spam

Once all the changes have been made then test that comments are working. Browse to a post that allows comments and add one. The ability to add comments should work as before. If not double check the steps given above. If necessary the changes made can be undone by replacing the changed files with originals from a WordPress zip file from WordPress.org.

Summary

To reduce comment spam bot hits on wp-comments-post.php:

  • On the web server copy wp-comments-post.php to a new file, e.g my-comments.php.
  • In the wp-includes directory, in the file comment-template.php change the text wp-comments-post.php at line 2022 to the new file name, e.g. my-comments.php.
  • Delete the files in the wp-includes/theme-compat directory (or if using old non-WordPress themes change the references to wp-comments-post.php in comments.php and comments-popup.php).
  • Delete wp-comments-post.php so that bots get a 404 error response. Alternatively edit the file and remove all its contents for a low resource response.
  • Test that comments can still be posted.
  • When a WordPress update is released make sure that the wp-comments-post.php file has not been restored. If so copy it over to the new version (e.g. my-comments.php) and delete it or remove its contents. Also check that comment-template.php has not been restored. If so change the reference to wp-comments-post.php back to the new name (e.g. my-comments.php).

WordPress HTML5 Video Shortcode

Add a Shortcode for HTML5 Video to WordPress

A tutorial with example PHP code adding a shortcode to a WordPress based web site allowing video to be inserted into post using the HTML5 video tag, no extra Javascript library required. The html5_video shortcode adds the HTML video tag to a post to playback video in HTML5 enabled browsers. The latest versions of the popular browsers (Internet Explorer, Chrome, Firefox, Safari and Opera) support the video tag. Once the code is added to the site’s WordPress theme it can be used like this:

The html5_video shortcode parameters (options) are:

  • webm – The URL to the WebM version of the video, optional.
  • mp4 – The URL to the MPEG version of the video, optional.
  • ogg – The URL to the OGG version of the video, optional.
  • resize – If set to yes the width and height values are applied, optional, defaults to no.
  • width – If resize is set yes the width, in pixels, to display the video, optional, defaults to 200.
  • height – If resize is set yes the height, in pixels, to display the video, optional, defaults to 150.
  • poster – The URL for the poster image (the picture displayed before the user presses the play button) for the video, optional.
  • preload – The setting to use for the preload attribute, HTML5 values are noneautometadata, optional, defaults to metadata.

This html5_video shortcode is an alternative to the WordPress native Embeds support for some video hosting sites.

Changing the Theme’s Functions.php File

WordPress Editor OptionWordPress uses themes to style a web site. Part of the theme is a code file called functions.php. In this file code is called by the theme at various points as the user navigates the web site. Additional code is added to the file to extend a themes functionality. Here a function is defined to add the shortcode to allow for HTML5 video embedding in a post. You will need to edit the theme’s function.php file to add the new code. This can be done via the Editor under Appearance when administrating the site. Important: Before changing any web site files make a back up!. Continue reading

A to Z Index and Site Map for WordPress

The Code We Used For Our Website Index

Over the months and years a WordPress site will grow and grow with pages and posts. Older posts become buried under the new content and may not be easy to find for someone browsing your site. It is good to have a page that allows for easy navigation to older content, sometimes referred to as a site map. One has been added to this site, see our Index page. Our site map is more of a site index, it lists each category and the posts in each category in alphabetical order. There are WordPress plug-ins available for similar functionality though some can be overly complex. It can be difficult to find a straightforward way to index a site when searching for the answer on the web. Information on producing a site map or index page will often throw up articles on the sitemap.xml file format, which is used by search engines to help index a site. That file is important for your site and one is recommended, however, your web site visitors would appreciate a page with a site index that they can use when needed. We are sharing with you how we did it, so you do not waste time and can concentrate on your normal web site activity.

How to Add a Site Map with an A to Z Index to your WordPress Website

The index that we use on this site lists all the categories in alphabetical order and shows the number of posts in each category. Below that each category is shown with every post listed, again in alphabetical order. Clicking on a category in the first list will take you to its list of posts. Each list entry for a post will link to the post itself. Finally there is a list of the site pages.

Continue reading

Add a Favicon to a WordPress Theme

Example of a FaviconFavicons are those little icons to the left of the browser’s address bar, usually it is a small representation of the company’s logo. The icon is also shown to the left of the page title and in the bookmarks (favourites) list. It was introduce by Microsoft when it released Internet Explorer 5 in 1999 and is now widely supported. All the other major browsers allow the use of different graphic formats (.png, .jpg, .gif) as well as icon files, though for best results an icon file should be used (there are still some older browsers out there), see the Favicon article at Wikipedia.org. Here at Eye we use the Greenfish Icon Editor, though others are available, to produce icon files. Once the file has been produced drop it into the root of your site (the same location as the index.php file). To ship it with a WordPress child theme add a function to place the correct link tags in the head element of the web page. Read on to see how it is done. Continue reading

Need a Web site? Use a CMS to Make Life Easier

We are into the fourth decade of the personal computer, and the third decade of the Internet, by now computers are a breeze to use and easy to understand, yes? Sometimes you wonder why getting stuff done can take so long to do and is just too complicated for what should be straightforward. Websites are just a few pages of words and pictures, they must be just as easy to put together as any other document. Well they are if you use the right tools. Continue reading

WordPress Child Theme Quick Start with a New Folder and CSS File

Create a Blank Child Theme to Allow For Theme Modification

WordPress (from WordPress.org) is a free software package to make it easy for people to manage their own websites. It allows for easy blogging and content management. Most web hosting companies provide simple WordPress installation for domains purchased through them. Plus there is the dedicated WordPress site for blogging (WordPress.com).

The look of a site using WordPress is controlled by the current theme it is configured to use. WordPress comes with several default themes, named after the year in which a WordPress update was released. There is now default themes named Twenty Ten, Twenty Eleven, Twenty Twelve and Twenty Thirteen. There are thousands of themes available with many free and paid for “premium” themes. A theme can be changed to fine tune it to your own requirements. The best way to do this is to created a child theme that references the theme you want to change and make the required changes in this child theme. Then select the newly created child theme from the Themes option under Appearance when logged into WordPressThat way when the original theme is updated when a new release comes out the changes you have made are not overwritten. The following is a quick guide to making a starting child theme. Continue reading

Useful WordPress Additions

Eye uses WordPress to build web sites. It’s not just good for blogging sites but is great as a Content Management System (CMS). Over the (many) years of building web sites we have moved from hand coding HTML, to Dreamweaver and then Joomla!, but WordPress is the preferred tool. As a blogging system it’s great out of the box. As a pure CMS it needs a few extras to give it more flexibility. Here are extras found to be useful:

Plugins

This list of plugins is in the form link to plugin then link to plugin home page (if available).

Jetpackjetpack.me
eShopquirm.net
Better SearchBetter Search Home Page
Solve Media CAPTCHASolve Media
Simple Ads ManagerSimpleLib
Crayon Syntax Highlighter
Rename wp-login.php

Theme Moding

The tutorials at Voodoo Press ( http://voodoopress.com/) were used to help develop the Twenty Eleven child theme used on this site.

Site Index aka Site Map

Our WordPress based site has an Index, aka a Site Map, that was developed from various posts spread around the web. See the article A to Z Index and Site Map for WordPress, the code can be downloaded.

HTML5 WordPress Video Player Shortcode

For the HTML5 Video Test Page there was no way to added HTML5 style video mark-up to a post. Therefore a WordPress video player shortcode was developed to allow HTML5 style markup for video playback to appear in an article. See the WordPress HTML5 Video Shortcode tutorial for details on adding the shortcode to your theme.