Start your free month on LinkedIn Learning, which now features 100% of Lynda.com courses. Develop in-demand skills with access to thousands of expert-led courses on business, tech and creative topics.

Start My Free Month

Stop automated spam

Join Jeff Starr for an in-depth discussion in this video Stop automated spam, part of WordPress: Developing Secure Sites .

- [Narrator] In this video, we use the htaccess file to prevent a common type of spam known as No Referrer spam. No Referrer spam happens when spammers target the WordPress comment script directly without actually visiting your website like a human being. Preventing this type of spam helps to save bandwidth and other server resources and also keeps your site looking clean and professional. Here we see the files and directories that are included in a default installation of WordPress. To protect against No Referrer spam, first open the htaccess-code snippet from the exercise files, copy the code and then open the htaccess file located in the root directory of your WordPress installation.

If an htaccess file doesn't exist, you can add the one that's included in the exercise files for this tutorial. Once you have the htaccess file in place go ahead and paste the snippet anywhere near the top of the file before any WordPress related code. The only thing we need to edit is this line right here. We want to change the example.com to match our own domain name. The domain name for our demo site is perishablepress.net so we just make that quick change and we're all set.

Next save and upload the file to your server. And once that's done we return to our demo site and check that everything is working properly. Everything looks good. So now let's check that the code is actually working and doing what it's supposed to do. Here is the URL of the comments post file that we are protecting. Let's copy the URL and then visit this extremely awesome request maker. Here we can enter the URL of our comments post file and up at the top here there is a drop down menu to set the request method, which we want to set as post because that's what spammers will be doing when requesting the file.

So let's pretend we're a spammer and click the Submit button to send our scummy spam comment. Excellent, as expected the post request returns a 403 forbidden response, which is perfect for stopping spammers from posting their garbage directly via the comment script and that's all there is to it. In this video we learn how to use the htaccess file to protect our site against spam. This helps from a security perspective and from a performance perspective.

No more leeching of resources means a better experience for our valued site visitors.

Resume Transcript Auto-Scroll

Author

Jeff Starr

Skill Level Intermediate

2h 38m

Duration

173,186

Views

Show More Show Less

Related Courses

Introduction
- Welcome
  1m 3s
- Using the exercise files
  2m 14s
1. Getting Started
- Back up your site
  4m 6s
- Restore your site
  5m 36s
- Keep your site up to date
  4m 37s
2. Security Essentials
- Implement strong passwords
  4m 28s
- Understand users and roles
  3m 29s
- Choose trusted plugins and themes
  7m 13s
- Remove unused plugins and themes
  4m 38s
- Change and recover passwords
  3m 30s
- Disable file editing in the admin area
  3m 19s
- Disable user registration
  2m 41s
3. Hardening WordPress
- Protect the configuration file
  4m 44s
- Configure authentication keys
  1m 55s
- Customize the database prefix
  3m 22s
- Set proper file permissions
  3m 1s
- Prevent directory listings
  3m 59s
- Remove version numbers
  3m 47s
- Disable error display
  3m 7s
4. Improving Security with Plugins
- Fight comment spam
  3m 25s
- Secure your login page
  4m 34s
- Stop user enumeration
  4m 50s
- Monitor admin users
  4m 19s
- Implement a firewall
  3m 6s
- Block access
  6m 5s
- Detect hacks
  7m 47s
5. Advanced Tips and Tricks
- Stop file hotlinking
  4m 18s
- Protect the installation page
  5m 12s
- Stop automated spam
  2m 32s
- Detect and block bad bots
  4m 2s
- Firewall your site
  4m
- Control proxy access
  4m 21s
- Control admin access
  4m 59s
6. Applying Best Practices
- Find and report vulnerabilities
  3m 54s
- Audit your WordPress site
  5m 2s
- Choose a good host
  6m 16s
- Further security techniques
  6m 55s
Conclusion
- Next steps
  2m 9s

Show MoreShow Less

Take notes with your new membership!

Type in the entry box, then click Enter to save your note.

1:30Press on any video thumbnail to jump immediately to the timecode shown.

Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.

Start My Free Month

Skills covered in this course

Categories

3D + Animation Topics

3D + Animation Software

3D + Animation Learning Paths

Audio + Music Topics

Audio + Music Software

Audio + Music Learning Paths

Business Topics

Business Software

Business Learning Paths

Business Guides

CAD Topics

CAD Software

CAD Learning Paths

Design Topics

Design Software

Design Learning Paths

Developer Topics

Developer Software

Developer Learning Paths

Education + Elearning Topics

Education + Elearning Software

Education + Elearning Learning Paths

IT Topics

IT Software

IT Learning Paths

Marketing Topics

Marketing Software

Marketing Learning Paths

Photography Topics

Photography Software

Photography Learning Paths

Video Topics

Video Software

Video Learning Paths

Web Topics

Web Software

Web Learning Paths

Web Guides

Stop automated spam

Author

Skill Level Intermediate

Duration

Views

Related Courses

WordPress: Ecommerce

WordPress: Building Child Themes

Building a Single-Page Application with AngularJS and WordPress

Introduction

1. Getting Started

2. Security Essentials

3. Hardening WordPress

4. Improving Security with Plugins

5. Advanced Tips and Tricks

6. Applying Best Practices

Conclusion

Take notes with your new membership!

Skills covered in this course

Continue Assessment

Start My Free Month