Comment Spam is a big issue that you will face as your blog begins to gain popularity in the industry. You will see comments full of pornography, viagra, or other spammy links in massive counts. Also, you will see fake spammy sites making you think they are linking to your article by sending a trackback. In this article we share some of the most valuable tips, tools, tricks, and other WordPress plugins available for you to combat Comment Spam. If you don’t utilize the options we suggest, you will spend hours moderating the comments on your site.
1. Activate Akismet
Akismet is one of the most valuable plugins for WordPress. You do not need to download it as it comes pre-installed with all WordPress installation. But you do need to activate it and get an API key. You can find out more about Akismet in our Akismet 101 Guide for WordPress Beginners. Without this, you have no chance against SPAM. Akismet does a great job in catching SPAM comments. Although sometimes good comments get filtered as SPAM, but you can always recover them by going through your SPAM comments regularly.
2. Nofollow Comment Links
One of the main reasons that motivates Spammers to make comments on your site is if you have Do-Follow links. They want to gain link juice from your website, but you can prevent that by simply nofollowing all comment links. By default WordPress adds an external nofollow attribute to all blog links, but sometimes users might take the route of making every link Dofollow in a quest to get more comments. Remember it is about quality not quantity. We recommend if you are using Dofollow get rid of that. If you do not have a plugin of that sort, then this step is not for you.
3. Blacklist Spammers
WordPress allows you to blacklist spammers by using their email addresses, URL, name, or even IP. All you need to do is type one of the information in the blacklist box under Settings ~ Discussion tab, and you will never see the comment again in moderation.
Sometimes you are not sure whether a person is a spammer, so you approve their comment. But you are not satisfied. There is a box which you can see right above the blacklist box called comment moderation. Just put the words, email, URL, name, or IP and this specific user’s comment will always be moderated by the administrator. Also as you see in the image above, there is a box that has the number 2. It is for the number of URLs in the comment allowed. If the number exceeds the value in that input box, then the comment will automatically be held for moderation. 2 is the default number, but you can change it to make it 1 or higher than 2 to fit your need.
Note: Choose your Blacklist wisely because every IP, word, or other value that you put in will be deleted instantly.
4. Add Captcha Verfication
You can use a plugin called SI CAPTCHA for WordPress to display randomly generated images before the submit button on comments. Your users must enter the correct value on the image, to submit the comment which will eliminate SPAM significantly. But it will annoy your regular commentators as well because this is something that they have to enter each and everytime they comment. This method will significantly reduce your SPAM comments.
Defensio is like an automated bow and arrow that is bound to hit the bull’s eye everytime in your fight against spam. Defensio have your comment traffic route through it’s system where it analyzes each comment for the level of spam, and assigns a grade. If the grade is of an adequate value then the comment is published, if the comment seems suspicious it will be held for your review. Defensio provides you with good stats and gives you RSS Feed for both good and spam comments.
Simple Trackback Validation Plugin for WordPress 2.x performs simple but very effective tests on all incoming trackbacks in order to stop trackback spam. When a trackback is received, this plugin checks if the IP address of the trackback sender is equal to the IP address of the webserver the trackback URL is referring to. This reveals almost every spam trackback (more than 99%) since spammers do usually use bots which are not running on the machine of their customers. It also retrieves the web page located at the URL included in the trackback. If the page doesn’t a link to your blog, the trackback is considered to be spam. Since most trackback spammers do not set up custom web pages linking to the blogs they attack, this simple test will quickly reveal illegitimate trackbacks. Also, bloggers can be stopped abusing trackback by sending trackbacks with their blog software or webservices without having a link to the post.
7. Completely Disable Trackbacks
A big portion of comment SPAM is trackbacks. For some blogs it is not even necessary to have trackbacks. You can choose to disable trackbacks on your entire blog, or in an individual post. This can prevent comment SPAM and it is very easy to do so.
You can find the above option by visiting Settings ~ Discussion. This will turn off trackbacks for your entire site. But if you want to turn off trackbacks on specific posts, you will need to specify it either when writing a post, or edit a post and change this option.
You will see the above option your posts page.
8. Less Annoying Version of Captcha?
Yes as you can see we mentioned a Captcha option above, but here is another way of user validation. This method is less annoying for users and it is a good way to prevent SPAM. This is done by a plugin called Math Comment SPAM Protection. This plugin do require you to edit comments.php in order to install it. Read full installation details on official site.
9. Bad Behavior
Bad Behavior complements other link spam solutions by acting as a gatekeeper, preventing spammers from ever delivering their junk, and in many cases, from ever reading your site in the first place. This keeps your site’s load down, makes your site logs cleaner, and can help prevent denial of service conditions caused by spammers. Bad Behavior also transcends other link spam solutions by working in a completely different, unique way. Instead of merely looking at the content of potential spam, Bad Behavior analyzes the delivery method as well as the software the spammer is using. In this way, Bad Behavior can stop spam attacks even when nobody has ever seen the particular spam before. Bad Behavior is designed to work alongside existing spam prevention services to increase their effectiveness and efficiency. Whenever possible, you should run it in combination with a more traditional spam prevention service. This plugin is recommended to be installed alongside with Akismet to produce the best result.
10. Close Comments on Older Posts
Sometimes it is wise to close comments on older posts. WordPress has this as a built-in feature where you can specify a number of days and WordPress will automatically close the comments on articles older than this many days. All you have to do is go to Settings ~ Discussion and check this box
Just change the number of days to fit your needs and save changes.
11. CLOSE Comments or User Registration
Worst come worst, you can close comments for a short period of time. That will drive the spammers away from your website. If you are building a custom site using WordPress, you should have disabled comments long ago. All you have to do is go to Settings ~ Discussion
You can do this for a short period of time, a week or two, and then reopen it if it gets really bad, but it should not get that bad if you use the techniques mentioned above.
You can also make comments for registered users only by checking the box in your Settings ~ Discussion page.
One of the other ways that is not SPAM but it is frustrating is duplicate comments. Sometimes users post double comments, if you do not let them know that their comments are in the moderation que. Most themes already have this option by default, but if your theme does not, find the following line in your comments.php
<input name="submit" type="submit" tabindex="5" value="<?php _e("Say it!"); ?>" />
and replace it with:
Comment moderation is in use. Please do not submit your comment twice — it will appear shortly.
<input name="submit" type="submit" tabindex="5" value="<?php _e("Say it!"); ?>" />
Feel free to edit the styling and the text.
Frequently Asked Questions by Users
Why are they spamming me?
They want to get a better pagerank. They think that by spamming they can get more links and it will some how positively affect their pagerank. It is nothing personal against you for the most part, and many blogs face this issue, you are not the only one.
What happens to comments that are marked as “Spam”?
The comments that you mark as spam, are not displayed and are listed on a separate page when you have Akismet installed. You can delete Spammed comments in batch and/or recover good comments from the SPAM list.
Why is every comment going into the moderation queue?
Go to the Settings ~ Discussion panel and make sure that “An administrator must approve the comment” is unchecked. With that option selected, all comments are sent to the moderation queue to await approval. Make sure that Hold a comment in the queue if it contains more than x links is not blank and contains a number higher than zero.
We hope that these tools helped. What are some techniques that you use to fight spam on your blogs. If you have something that might help others, feel free to help fellow bloggers.