Comment Spam, new twist

This post was published more than a few years ago (on 2004-09-21) and may contain inaccurate technical information, outmoded thoughts, or cringe takes. Proceed at your own risk.

Just in the past few days, I've been seeing a new form of comment spam coming through, and making it past my spam filters. Instead of using the words that they know I will probably have on my block list, I instead get a string of HTML codes like:


…which ends up giving me "internet casinos", which my filter would normally detect.

It seem the simplest solution is just to put the string &# into my filter list, which should catch these letter substitutions --- but once I add that, I get all sorts of errors from the WordPress code that runs the spam filter, because it doesn't like the #. Anyone else have any suggestions?


With the help of WPBlacklist, I seem to have stemmed the tide. Thanks,, and the rest of the WP community!

1 thought on “Comment Spam, new twist”

Comments are closed.