How to Stop WordPress Comment Spam

Spam is a problem that every WordPress user has to deal with. It may only take a few days or a few weeks before a new website receives spam and as the website becomes more popular, it will become a bigger target for spammers.

Dealing with a high level of spam can be frustrating and time consuming. However, by taking precautionary measures, you can stop 99.99% of spam.

Configure Your WordPress Discussion Settings Correctly

Spam prevention begins in the WordPress discussion settings page. This page is located in the main settings menu in your admin area i.e. http://www.yourwebsite.com/wp-admin/options-discussion.php. By configuring your discussion settings correctly, you can prevent most spammers in their tracks.

One of the first things I do on a WordPress website is disable pingbacks and trackbacks. Several years ago, they were a useful way for blogs to notify other blogs that they had mentioned them in an article. Unfortunately, spammers started using these notification methods to spam blogs. There is little benefit to using them today, therefore I recommend disabling them.

Spammers tend to target older articles that have a presence in search engines. One way to discourage spammers from attacking your website is to disable comments on older comments. This simple measure can reduce the volume of spam that is submitted significantly.

If you want to ensure that no spam comment is ever published on your website, you can choose to manually approve every comment. This is a full proof way of stopping spam, however it does require a lot of administration.

A more practical option is to automatically publish comments from people who have a previously approved comment. This allows you to moderate the first comment from a person. If the comment is good, you can manually approve the comment so that all future comments from them are automatically approved. It is one of the most practical ways of accepting comments on a blog.

Spammers frequently include links in their comments. You can therefore stop many spam messages from sneaking past your radar by sending all comments with links to the moderation queue.

Another small change you can make to discourage spam is to remove the website field from your comment form. This can be achieved by removing the field from your comments.php theme template.

Install a Reliable WordPress Anti-Spam Plugin

Every copy of WordPress comes packaged with a copy of Akismet. It is the de-facto anti-spam plugin for WordPress websites.

The plugin analyzes every comment that is submitted to your website and reviews whether it looks like spam. Any spam comments that are not automatically sent to the spam folder can be marked as spam. Conversely, legitimate comments that are incorrectly sent to the spam folder can be marked as “Not Spam” and placed back into the moderation queue for approval.

Akismet also highlights how much spam it blocks on a monthly basis. The accuracy rate is also reported.

If you find that Akismet and your discussion settings are not preventing spam, I recommend trying one of the plugins below. These plugins can all be downloaded free of charge from WordPress.org.

• Growmap Anti Spambot Plugin – Asks comments to check a box to confirm that they are not a spammer. 99% of automated spambots fail to check this box.
• Anti-spam – A useful plugin that detects spammers and prevents them from commenting.
• Anti-spam by CleanTalk – Blocks spammers from comments, login forms, and emails.
• Antispam Bee – A great collection of over 20 anti-spam modules.
• WP-SpamShield Anti-Spam – A discrete all in one spam prevention plugin eliminates the bast majority of automated spam from your website.

How do you deal with WordPress comment spam? Please let us know in the comment area below.

Thanks,
Kevin