Comment spam and registration spam remain a large problem for WordPress users. It is not uncommon for some WordPress websites to receive hundreds or even thousands of comments every week.
This level of spam can damage your reputation with readers and commentators if you fail to tackle it. It is therefore important to face spammers head on and thwart their attempts at spamming your website.
Thankfully, tackling spammers does not need to be a time consuming endeavor. If you configure your WordPress website correctly, and install a good anti-spam plugin, you can eliminate the vast majority of spam from your website.
Let us take a closer look at how you can tackle WordPress spam.
Note: All of the WordPress plugins in this article are free to download (unless otherwise stated).
Configure Your WordPress Discussion Settings
Before you install any anti-spam plugin, you should configure your discussion settings correctly. These are located in the Settings section of your admin area (i.e. http://www.yourwebsite.com/wp-admin/options-discussion.php).
A fullproof way of stopping comment spam is to manually approve every comment. I am not a big fan of this myself as it time consuming and the discussion is held up until you manually approve each comment.
A more practical solution is to manually approve the first comment of a person. This works well as it allows you to review each commenter and once they are approved, their comments will be published automatically. It is an effective solution as spammers rarely take the time to write a good comment; therefore their attempt at publishing a link in your comment area can be stopped easily.
You can also place any comments with links directly into the moderation queue. Comments can also be marked as spam automatically if they contain any banned words you specify in your blacklist.Be sure to review your discussion settings.
In an attempt to tackle comment spam, I have tested restricting comments to registered users. It was not a great solution. Although it did help reduce comment spam significantly, it also greatly reduced the number of comments submitted by readers as people do not want to go through the hassle of creating an account in order to publish a comment.
Additionally, in order to allow people to sign up for an account, I had to enable member registration. This allowed thousands of spammers to create fake user accounts on my website.
Although captcha forms and other anti-spam tools can reduce registration spam, I strongly believe that unless you need to enable public registration (e.g. for a discussion forum or membership website), you should disable member registration in the general settings page (i.e. http://www.yourwebsite.com/wp-admin/options-general.php). You can continue to create accounts manually for contributors, authors, and editors.Disabling member registration will help stop registration spam.
I recommend adjusting your discussion settings to suit your own preference to fighting spam. If you want to ensure that no spam ever gets through, you can manually approve every comment. Those of you who receive a lot of comments might find this configuration too time consuming, so you might want to make your commenting policy less strict. This might mean the odd spam comment gets through; however, it removes the need for you to check every single comment that is published on your website.
Configuring your WordPress discussion settings correctly is the first step towards tackling spam; however there are a number of great anti-spam WordPress plugins available that help you make things even more difficult for budding spammers. Let’s take a closer look at some of the best solutions.
Other Anti-Spam Solutions
Due to the severity of the spam problem that WordPress website owners face, there are many anti-spam plugins available online. Below is a small list of other anti-spam plugins that you may want to consider using on your website.
- WordPress Simple Firewall – An Akismet replacement that catches human spam and blocks spam from bots.
- WP Anti Spam – Has some unique spam prevention tools such as a word count limit and an option of marking comments without Gravatars as spam.
- SI CAPTCHA Anti-Spam – Adds a captcha form to your comment form, registration form, and login form.
- AlphaOmega Captcha & Anti-Spam Filter – Allows you to add a captcha form to your forms and adds many anti-spam filters to reduce automated spam.
- Peter’s Custom Anti-Spam – Force commenters to identify an image before submitting a comment.
- Stop! You Never Have To Fight Comment Spam Again – An anti-spam plugin that catches most spam automatically and allows blocking by continent and by country.
- IP Blacklist Cloud – Lets you block specified IP addresses and usernames from spamming you.
- Spam Free WordPress – An anti-spam plugin that uses zero false positives to catch automated spam bots.
Two other useful plugins worth checking out are WPCommentCleaner and WPDBTotalCleaner. By installing one of these plugins, you can quickly delete spam comments and unapproved comments from your database. This can greatly reduce the size of your WordPress database if it has a lot of spam comments. Therefore, your website will be more efficient and run a little quicker.WPCommentCleaner allows you to delete spam comments quickly and efficiently.
I follow the same steps with every WordPress website I own. The first thing I do is configure my discussion settings correctly so that comments with links are sent to the moderation queue and ensure that the first comment from each person is moderated. This makes it almost impossible for spam comments to slip through.
The next step I take is to activate Akismet. On some of my websites, it is the only anti-spam plugin I have activated. If, however, I see an increase in spam comments getting through, I install another anti-spam plugin. Apart from Akismet, I do not have any preferred anti-spam plugin that I use every time and have used a variety of anti-spam plugins over the years on different websites. However, I do usually install one of the plugins listed in this article.
Frequently, dealing with spammers is a case of trial and error. If one solution does not work, try another. If that does not work, try something else. I realise that many readers want to know what is the best anti-spam solution available, however I do not think the fighting spam is always black or white. I have found some plugins to work well on one website, but not on another.
It is also important to realise that the best solution for each website is different. It can depend on the level of spam comments the website receives and the level of legitimate comments it receives.
For example, I have an old content website that gets very little traffic. For that particular website, I have installed three anti-spam plugins that collectively eliminate 99.99% of spam. It is very rare that any spam comment gets through. This high level of protection means that there is a higher risk of real comments from humans being marked as spam. It is a small price to pay as the website does not receive a lot of traffic and I place a higher priority on blocking spam comments than the odd legitimate comment not being published.
The situation is different on my own blog. I have written long, detailed comments on blogs I read and have had them marked as spam and deleted because the blog owner’s handling of comments was too severe. I therefore understand the frustration that a blog reader will experience after spending 20 minutes writing a great comment and not seeing it published.
With an active blog, it is vital that real comments are published and spam comments are not. It is therefore worthwhile spending a little time moderating your comments so that real comments are not accidentally marked as spam and deleted.
Review your own situation and choose an anti-spam solution accordingly. Remember that many anti-spam solutions are effective at tackling large volumes of automated spam, while others put in measures to discourage spam by humans.