WordPress allows some basic HTML in the comment form by default. But if you want to completely strip out HTML tags from comments, either for security, clean formatting, or to keep things simple for users, here’s a quick snippet to help you do just that.
What This Snippet Does
It automatically removes all HTML tags from the comment content before it’s saved to the database. That means users can’t sneak in unwanted tags or try to style their comments.
The Snippet
Add this to your theme’s functions.php file or a custom plugin:
1
function disable_comment_html($commentdata) {2
$commentdata['comment_content'] = wp_strip_all_tags($commentdata['comment_content']);
3
return $commentdata;
4
}
5
add_filter('preprocess_comment', 'disable_comment_html');How It Works
- The preprocess_comment filter lets you modify comment data before it’s inserted into the database.
- Inside the function, we grab the actual comment content.
- Then we use wp_strip_all_tags() to remove any and all HTML tags.
- Finally, we return the cleaned-up comment.
What About Markdown or Shortcodes?
This method removes all HTML, so if you use plugins that allow Markdown or shortcodes in comments, you might want to tweak the logic a bit or skip this snippet.
Before you add any code snippets to your project, make sure you understand what the code does and back up your files just in case. Even small changes can have big effects, so test everything in a safe environment first!