At WPBeginner, we don’t store users’ IP addresses in our WordPress comments. That’s because we want to respect our visitors’ privacy and ensure our site is fully compliant with data protection regulations like GDPR.
By default, WordPress logs and stores the IP addresses of commenters to protect against spam. However, with the rise of data privacy laws, you may want to disable this functionality to better protect your website visitors’ data.
In this article, we’ll show you how to stop storing IP addresses in WordPress comments.
Should You Stop Storing IP Addresses in WordPress Comments?
Yes, you should stop storing IP addresses in WordPress comments if you want to ensure your website’s compliance with the General Data Protection Regulation (GDPR).
By default, WordPress will store users’ IP addresses on your website (unless they use a VPN).
This is mainly used to combat spam comments from suspicious IP addresses. Some website security plugins may also use IP addresses to put users in a comment blacklist or block malicious IP addresses to prevent threats like brute force attacks and DDoS attacks.
However, some users may feel uncomfortable with their IP addresses being is logged, and it can make your WordPress website less compliant with GDPR. This is because GDPR classifies IP addresses as personal data.
Most WordPress web hosting providers keep raw access logs of all visitors to your website for a limited period of time. Plus, you can view these IP addresses when viewing the Comments page in the WordPress dashboard.
Now, let’s look at how to block IP addresses from being saved in WordPress comments and improve your WordPress security. Here is an overview of what we will cover:
How to Stop Storing IP Addresses in WordPress Comments
This first method uses the WPCode plugin. We will use this plugin to insert a custom code snippet that stops your website from storing IP addresses from the comments section.
If this is your first time using code, don’t worry. WPCode’s user-friendly interface makes it easy to insert and manage custom code, even for a beginner.
To use WPCode, you need to install the plugin first on your admin dashboard. For more guidance, check out our article on how to install a WordPress plugin.
Note: This article will use the WPCode free version, but feel free to upgrade to a Pro plan for more advanced features like conditional logic and scheduled snippets.
Now, you need to go to Code Snippets » + Add Snippet from your WordPress admin panel. After that, click the ‘+ Add Custom Snippet’ button under ‘Add Your Custom Code Snippet’.
You will now see the Create Custom Snippet screen.
First things first, you have to add a title for your code snippet. It can be something like ‘Disable IP Address in Comments.’
In the Code Type dropdown, choose ‘PHP Snippet.’ Then, in the Code Preview box, you can insert the following code:
function wpb_remove_commentsip( $comment_author_ip ) { return ''; } add_filter( 'pre_comment_user_ip', 'wpb_remove_commentsip' );
It should look like this.
Now, scroll down to the ‘Insertion’ section. Make sure the Insert Method is ‘Auto Insert’ and the Location is ‘Run Everywhere.’
This will ensure the code is added to your WordPress theme’s functions.php file properly.
After that, make sure the toggle in the top right corner says ‘Active’ and click ‘Save Snippet.’
Now, the next time someone leaves a comment, you won’t see their IP address on the WordPress Comments page. That’s because this code will automatically block the attempt to save that information.
However, you will notice that previous comments still have this information stored. We will talk more about how to remove this data in the next part of the tutorial.
How to Remove IP Addresses From Older WordPress Comments
To remove IP addresses from your older WordPress comments, you will need to use phpMyAdmin. It’s a database management platform that usually comes with your WordPress hosting control panel.
Note: Before you do anything, we strongly recommend you back up your WordPress database first. That way, you can restore the database if you make a critical error.
Once you do that, you need to log in to your WordPress hosting account and look for the phpMyAdmin menu, which is typically located in your cPanel.
For Bluehost users, you will find phpMyAdmin by going to ‘Websites’ and selecting the website you want to configure in your dashboard. It should be under ‘Quick Links’.
Inside phpMyAdmin, you can navigate to the ‘SQL’ tab.
After that, enter this query below:
UPDATE wp_comments SET comment_author_IP = '';
Note that if you have a custom WordPress database prefix, then please change wp_comments
to your custom table prefix.
Once that’s done, simply click the ‘Go’ button below the text area to run your query.
At this stage, just go back to your WordPress Comments page to see if the query worked properly. That’s it!
Discover More Ways to Secure Your WordPress Website
Stopping WordPress from storing IP addresses in comments is a great step to making your website more compliant with user privacy laws. Here are some other ways you can take it to the next level:
- How to Add a GDPR Comment Privacy Opt-in Checkbox in WordPress
- How to Create GDPR-Compliant Forms in WordPress
- How to Add a Cookies Popup in WordPress for GDPR/CCPA
- Best WordPress GDPR Plugins to Improve Compliance
- How to Know if Your WordPress Website Uses Cookies
We hope this article has helped you learn how to stop storing IP addresses in WordPress comments. You may also want to see our expert picks for the best WordPress security plugins and our guide to the tell-tale signs hackers have hijacked your WordPress site.
If you liked this article, then please subscribe to our YouTube Channel for WordPress video tutorials. You can also find us on Twitter and Facebook.
Hajjalah
I had already disabled storing IP addresses in comments using a custom code but i was struggling with “Removing the IP Addresses From Older WordPress ” but this article has helped me out instantly.
Just paste the code in phpMyAdmin ‘SQL’ and you are all set. Indeed WordPress customization and coding is becoming simpler courtesy of WPBeginner. Thanks a lot.
WPBeginner Support
Glad you found the SQL snippet helpful!
Admin
Prajwal Shewatkar
As privacy laws are getting stricter day by day it is important to eliminate collection and long-term storage of personally identifiable information. I’ve been using a plugin to remove IP addresses previously. thanks a lot, WPbeginner for providing such a useful code snippet.
Jiří Vaněk
Thank you for the article. Many people in the Czech Republic are very sensitive to any private data after the introduction of GDPR. This is definitely useful so that they don’t have to worry about their sensitive data being displayed somewhere. One then feels much more free to write a comment.
Abraham
I’m trying to hide old comments IP address, it’s not working.
WPBeginner Support
You may want to reach out to your theme’s support to ensure this isn’t something specific to your theme.
Admin
pepe
It’s bad for SEO to delete these IPs?
WPBeginner Support
No, it is not.
Admin
Serdar
Is it possible to stop storing author’s ip address without using plugin?
Thanks!
Melika
Thanks for this article.
The question that i have is if i stop storing IPs in WP comments, will this break the functionality of plugins like Akismet ? or will they still work properly?
WPBeginner Support
They will still work, however they may not be able to catch spam comments using known IP addresses used for mass spamming. So a lot of spam comments may appear in your moderation queue.
Admin
Matija
If comment IPs are stored in database, will stopping storing IPs improve or make database perform better?
WPBeginner Support
We don’t think it will make any significant improvement in database performance.
Admin