Join The Club

Small Security Hole in WordPress Comments

I was just cleaning up some code on my site and noticed a small security hole in my comments sections. Every time I posted a comment, WordPress automatically added a class that pretty much told everyone my admin login name. The offending class is the “comment-author-admin” class. If you had changed your admin name to bavotasan, then it would read “comment-author-bavotasan”. Not too secure if you ask me.

I created a code snippet that can quickly remove the offending class from every comment. Just add this to your functions.php file:

function remove_comment_author_class( $classes ) {
	foreach( $classes as $key => $class ) {
		if(strstr($class, "comment-author-")) {
			unset( $classes[$key] );
		}
	}
	return $classes;
}
add_filter( 'comment_class' , 'remove_comment_author_class' );

Share this:

Email
Facebook
Twitter
Pinterest
Pocket

Premium Themes for WordPress

Looking for an easy-to-use Premium Theme for WordPress? Check out Themes by bavotasan.com and have your site up and running in no time.

Use this WordPress website builder to build powerful websites in no time for your or your clients.

WordPress Hosting

WP Engine – designed from the ground-up to support and enhance the workflow of web designers.

Bluehost – providing quality web hosting solutions since 1996.

Related

About the author

Picture of Luke Perrie

Luke Perrie

Premium WordPress Themes by bavotasan.com

Launchstream

More Info

Tienda

More Info

Destin

More Info
We exist to help you find the best tools and training to win with your WordPress website. From beginners to agencies…we can help.
Join The Club

Quick Links

Social

Resources

© 2024 WP Venture LLC. All Rights Reserved. Privacy Policy.

Facebook Youtube Tiktok Instagram