I have a lot of spam comments being posted on my WordPress site. It is being posted using the wp-comments-post.php file. I can see from the logs:
"POST /wp/wp-comments-post.php HTTP/1.0" 302 3744 "https://example.com/wp/link/" "Mozilla/5.0 (Windows NT 6.1; WOW64)
I already have this in my .htaccess file:
RewriteEngine On
RewriteCond %{REQUEST_METHOD} POST
RewriteCond %{REQUEST_URI} .wp-comments-post.php*
RewriteCond %{HTTP_REFERER} !.*example.com.* [OR]
RewriteCond %{HTTP_USER_AGENT} ^$
RewriteRule (.*) http://%{REMOTE_ADDR}/$ [R=301,L]
It does not seem to prevent it. Is there anything wrong in the above code?