diff --git a/src/main/java/run/halo/app/config/HaloConfiguration.java b/src/main/java/run/halo/app/config/HaloConfiguration.java
index f412380b7..cdaf7256e 100644
--- a/src/main/java/run/halo/app/config/HaloConfiguration.java
+++ b/src/main/java/run/halo/app/config/HaloConfiguration.java
@@ -114,7 +114,7 @@ public class HaloConfiguration {
 ApiAuthenticationFilter apiFilter = new ApiAuthenticationFilter(haloProperties, optionService);
 apiFilter.addExcludeUrlPatterns(
 "/api/content/*/comments",
- "/api/content/*/comments/*"
+ "/api/content/**/comments/*"
 );
 DefaultAuthenticationFailureHandler failureHandler = new DefaultAuthenticationFailureHandler();
diff --git a/src/main/java/run/halo/app/model/properties/CommentProperties.java b/src/main/java/run/halo/app/model/properties/CommentProperties.java
index 3e66398e1..02f7298c5 100644
--- a/src/main/java/run/halo/app/model/properties/CommentProperties.java
+++ b/src/main/java/run/halo/app/model/properties/CommentProperties.java
@@ -18,7 +18,7 @@ public enum CommentProperties implements PropertyEnum {
 REPLY_NOTICE("comment_reply_notice", Boolean.class, "false"),
- API_ENABLED("comment_api_enabled", Boolean.class, "false"),
+ API_ENABLED("comment_api_enabled", Boolean.class, "true"),
 PAGE_SIZE("comment_page_size", Integer.class, "10"),
diff --git a/src/main/java/run/halo/app/security/filter/AbstractAuthenticationFilter.java b/src/main/java/run/halo/app/security/filter/AbstractAuthenticationFilter.java
index ecd0f2dfb..a39d34693 100644
--- a/src/main/java/run/halo/app/security/filter/AbstractAuthenticationFilter.java
+++ b/src/main/java/run/halo/app/security/filter/AbstractAuthenticationFilter.java
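Review bot: In HaloConfiguration.java the new exclude pattern `"/api/content/**/comments/*"` is broader than the line it replaces: in `AntPathMatcher`, `**` matches zero or more path segments, so any path under `/api/content/` at any depth whose next-to-last segment is `comments` is now excluded from `ApiAuthenticationFilter`. If the goal is only to cover item-scoped comment routes, a fixed-depth pattern such as `"/api/content/*/*/comments/*"` (depth assumed here; check it against the controller mappings) keeps the set of unauthenticated routes enumerable. The exclusion is passed as a bare pattern with no HTTP method, so unless `addExcludeUrlPatterns` restricts methods somewhere outside this diff, it also applies to write requests on matching paths. A comment above the list naming the routes each pattern is meant to cover would make later audits easier. The enclosing method starts and ends outside the hunk.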
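Review bot: In CommentProperties.java, `API_ENABLED` now defaults to `"true"`, and the new `shouldNotFilter` override in ApiAuthenticationFilter passes a second literal `true` to `getByPropertyOrDefault`, so the state in which comment endpoints skip API authentication is both the default and defined in two places. If a missing or unreadable option should leave those endpoints behind authentication, keep `"false"` here and drop the explicit `true` at the call site. Otherwise document the effect where the flag is declared, for example `// true: comment endpoints are excluded from ApiAuthenticationFilter; false: they are authenticated like other content API calls`. How `getByPropertyOrDefault` combines the enum default with the explicit argument is not visible in this diff, so confirm which of the two wins.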
@@ -40,11 +40,11 @@ public abstract class AbstractAuthenticationFilter extends OncePerRequestFilter
 */
 private Map tryAuthUrlMethodPatterns = new HashMap<>(2);
- private final AntPathMatcher antPathMatcher;
+ protected final AntPathMatcher antPathMatcher;
- private final HaloProperties haloProperties;
+ protected final HaloProperties haloProperties;
- private final OptionService optionService;
+ protected final OptionService optionService;
 protected AbstractAuthenticationFilter(HaloProperties haloProperties, OptionService optionService) {
diff --git a/src/main/java/run/halo/app/security/filter/ApiAuthenticationFilter.java b/src/main/java/run/halo/app/security/filter/ApiAuthenticationFilter.java
index a15f9c947..faa8eedab 100644
--- a/src/main/java/run/halo/app/security/filter/ApiAuthenticationFilter.java
+++ b/src/main/java/run/halo/app/security/filter/ApiAuthenticationFilter.java
@@ -8,6 +8,7 @@ import org.springframework.util.Assert;
 import run.halo.app.config.properties.HaloProperties;
 import run.halo.app.exception.AuthenticationException;
 import run.halo.app.exception.ForbiddenException;
+import run.halo.app.model.properties.CommentProperties;
 import run.halo.app.model.properties.OtherProperties;
 import run.halo.app.service.OptionService;
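Review bot: In AbstractAuthenticationFilter.java all three collaborator fields are widened to `protected`, but the only subclass use visible in this diff (`shouldNotFilter` in ApiAuthenticationFilter) reads `antPathMatcher` and `optionService`; `haloProperties` could stay `private` unless code outside the diff needs it. For the base class of the authentication filters, a narrow protected helper (for instance one that takes a pattern and a request and returns whether they match) would let subclasses ask the question without each one choosing its own path source and matcher call. The class body starts and ends outside the hunk.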
@@ -77,6 +78,21 @@ public class ApiAuthenticationFilter extends AbstractAuthenticationFilter {
 filterChain.doFilter(request, response);
 }
+ @Override
+ protected boolean shouldNotFilter(HttpServletRequest request) {
+ boolean result = super.shouldNotFilter(request);
+
+ if (antPathMatcher.match("/api/content/*/comments", request.getServletPath())) {
+ Boolean commentApiEnabled = optionService.getByPropertyOrDefault(CommentProperties.API_ENABLED, Boolean.class, true);
+ if (!commentApiEnabled) {
+ // If the comment api is disabled
+ result = false;
+ }
+ }
+ return result;
+
+ }
+
 @Override
 protected String getTokenFromRequest(@NonNull HttpServletRequest request) {
 Assert.notNull(request, "Http servlet request must not be null");
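Review bot: The re-enable check in the new `shouldNotFilter` matches only `/api/content/*/comments`, while the exclusion list in HaloConfiguration also contains `/api/content/**/comments/*`, so with the comment API disabled those deeper paths still skip this filter. If the option is meant to gate every comment endpoint, test both patterns and take them from one shared constant rather than repeating the literal here, so the exclusion list and the gate cannot drift apart. The gate reads `request.getServletPath()`, and `super.shouldNotFilter` is not visible in this hunk; confirm it matches on the same path value, otherwise a request could be excluded under one form of the path and missed by the gate under another. `if (!commentApiEnabled)` unboxes a `Boolean`; `if (!Boolean.TRUE.equals(commentApiEnabled))` avoids a NullPointerException and treats a missing value as disabled, which fails closed. A short Javadoc stating that returning `false` forces the request through authentication would replace the current inline comment well.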