Back to Top

Disable HTML in Comments Entirely

Previous Post:

Disable HTML in Comments Entirely

Although not typical and not recommended, there are cases when webmasters decide that visitors are not allowed to post any HTML contents. To actually forbid all HTML (or some if you wish), you might try one of the following approaches:

1. Use a plugin: Peter’s Literal Comments (click to download)

This is actually a tiny plugin that was created some time ago but still works great. According to what the author said, this plugin:

converts single quotes, double quotes, the less than symbol (<), the greater than symbol (>), and ampersands (&) to HTML entities whenever a comment is posted, so that they are displayed as-is when someone views the comment. It then passes the comment off to any subsequent processing that you might have (such as an anti-spam filter) so it should play nicely with other plugins. This also does not affect any subsequent editing by the site administrator, so I can add link tags to a comment in the rare time that a commenter intended to do that.

http://www.theblog.ca/literal-comments

If you want, you can follow the link to the author’s blog and copy & paste the codes instead of installing them as a plugin. As stated in the description, this plugin will not strip your HTML tags. If stripping tags is what you’re after, you should go ahead and use approach 2.

2. Using Kses:

Following the official WordPress FAQ, all you have to do is to edit the file kses.php, which is located in wp-includes. But who would like to edit the core files anyway? Let’s do something safer, shall we? Open your theme’s functions.php and put in these codes:

function disable_html_in_comments()
{
	global $allowedtags;
	$allowedtags = array();
}
disable_html_in_comments();

Plain and simple, eh? If you want to disable all HTML except for anchor links, for example, use this instead:

function disable_html_in_comments()
{
	global $allowedtags;
	$allowedtags = array(
		'a' => array(
			'href' => array (),
 			'title' => array ()
		)
	);
}
disable_html_in_comments();

Please note that the first approach should only affect newly posted comments while the second will happily strip every HTML in all comments for you!

Take Social Sharing to
the Next Level with Monarch!

Take Social Sharing to the Next Level with Monarch!
Print Article Trackback Trackback to this Article   Subscribe to Comments RSS Subscribe to Comments RSS

5 Opinions for Disable HTML in Comments Entirely

  1. User's Gravatar
    1
    Jez March 19, 2011 at 11:16 pm – Permalink

    Thanks for such a nice tip! I definitely hate the way people post spam links in their comments!

  2. User's Gravatar
    2
    Rodolfo July 24, 2012 at 3:50 pm – Permalink

    Thank you so much, very simple and working!

  3. User's Gravatar
    3
    Luke December 29, 2012 at 12:11 am – Permalink

    Great and simple solution!
    BTW, I noticed that also the second approach only workes on new comments.
    Maybe I did something wrong, but in any case the solution works fine!

    Thanks!

  4. User's Gravatar
    4
    Max March 11, 2013 at 2:58 pm – Permalink

    Thanks, very useful tip!
    P.S.: remove overflow:hidden from posts container, because your FB like shows cropped when click

  5. User's Gravatar
    5
    lubrique malicieuse May 23, 2014 at 1:15 pm – Permalink

    Très bon post, j’en discuterai dans la semaine avec certains de mes collègues

Speak Up Your Mind!

An asterisk (*) indicates a required field and must be filled.




  • Web page and e-mail addresses turn into links automatically.
  • Wrap codes in: <code lang=""></code> or <pre lang="" extra="">
  • Lines and paragraphs break automatically.

Next Post: