I commenti spam sono una grande spina nel fianco. Per prevenire i commenti spam, i blogger finiscono per adottare misure rigorose, come richiedere alle persone di registrarsi o far inserire a tutti un captcha prima di inviare un commento. I controlli per la prevenzione dello spam, come i captchas, i quiz matematici e la registrazione, rendono difficile ai normali visitatori commentare. Implementando uno di questi metodi, si punisce il pubblico sbagliato. Molti commenti di spam sono generati da bot, ovvero programmi progettati per commentare su blog e siti web. Un detto comune dice che si possono prendere più mosche con il miele che con l’aceto. Si adatta perfettamente a questo caso, visto che chi siamo vi mostrerà come bloccare i bot per i commenti di spam in WordPress con honeypot.
Che cos’è Honeypot?
Prima di parlare di honeypot, parliamo di come funzionano i bot dello spam. WordPress è utilizzato da milioni di siti web. Ciò significa che milioni di siti web hanno un output HTML simile per i moduli di commento. Questo rende più facile per i bot trovare blog e commentare articoli di spam.
Honeypot è una tecnologia di prevenzione dello spam. Inganna e intrappola i bot dello spam affinché si rivelino, lanciando loro una sfida che gli utenti non possono vedere.
A differenza di altri metodi di prevenzione dello spam che utilizzano tecniche per scoprire se un commentatore è umano, Honeypot seleziona se il commentatore è un bot. Invece di dare una sfida ai visitatori umani, crea una sfida falsa per i bot. Quando i bot compilano la sfida, finiscono per rivelarsi e vengono catturati prima di poter inviare articoli di spam.
Blocco dei bot di spam in WordPress con Honeypot
La prima cosa da fare è installare e attivare il plugin WordPress WP Spam Fighter. Dopo averlo attivato, andate su Impostazioni ” WP Spam Fighter per configurare il plugin.
È sufficiente selezionare la casella accanto all’opzione honeypot e salvare le impostazioni.
Il plugin offre anche il metodo timestamp, che presuppone che un utente umano dedichi un po’ di tempo alla lettura di un articolo prima di commentare. Se un utente cerca di commentare rapidamente, il plugin gli mostrerà un popup in javascript.
Le opzioni predefinite dovrebbero funzionare per la maggior parte dei siti web. Tuttavia, si consiglia di rivedere le opzioni di configurazione prima di premere il pulsante Salva modifiche.
Come funziona
Quando honeypot è abilitato, WP Spam Fighter aggiunge un campo modulo nascosto nell’area dei commenti. Questo campo non sarà visibile agli utenti umani, ma i bot lo considereranno parte del modulo e lo riempiranno, identificandosi di fatto come spambot.
Ricordate che questi metodi non vi proteggono dallo spam inviato manualmente e inserito da visitatori umani. Dovrete comunque utilizzare un plugin come Akismet per catturarlo.
Per ulteriori informazioni sulla prevenzione dello spam nei commenti, pagate i nostri consigli e strumenti per prevenire lo spam nei commenti.
Syed Balkhi says
Hey WPBeginner readers,
Did you know you can win exciting prizes by commenting on WPBeginner?
Every month, our top blog commenters will win HUGE rewards, including premium WordPress plugin licenses and cash prizes.
You can get more details about the contest from here.
Start sharing your thoughts below to stand a chance to win!
Stephanie Boucher says
WP Spam Fighter has been withdrawn. I am using JG Spam Fighter which seems to work ok.
Gerard says
You might want to search and advise for an alternative plugin. The one described here is getting severely outdated.
WPBeginner Support says
Thank you for letting us know, we will certainly update any older articles as we are able
Admin
rio says
every day i got 10 spam comments. This is a good articles and i try to install this plugin but it not update for more than 2 years. Any other solution?
ramesh says
How to find the fake Google Bots?
Simon Lock says
WP-Spam Fighter has now gone for more than 9 months without being upgraded. According to WordPress it has not been tested for WP4.4.
Do you still advise installing this plugin or is there something else that is more up to date and known to work with WP4.4?
Your wise counsel would be appreciated
Simon
David Kinlay says
I am not sure why I can’t comment on articles in blogs, treating them as spam
WPBeginner Support says
Your comment appears alright in our pending queue and not marked as spam
Admin
David Kinlay says
I have been trying to get an answer re why every comments made on blogs returns to me stating that they are spam. Logged in to WordPress
Sephora says
Hi, nice articles. I wanted to download BotBlocker plugin but I realized that It haven’t been update for 3 years. I really the idea of challenge Bots instead of Humans. Do you know another plugin that can do the same ?
GreaterLight says
I have installed Stop Spam Registrations plugin per your other blog article here: https://www.wpbeginner.com/plugins/how-to-stop-spam-registrations-on-your-wordpress-membership-site/
My Akismet is doing a pretty good job of catching the spam COMMENTS but I am bleeding spam registrations.
I have my API for BotScout applied and I have an account set up with HoneyPot. It is telling me I need to install a script on my site. I am trying to determine if I do indeed need to install the script if I am using the Stop Spam Registration plugin. Can you clarify? Thank you
Eguide says
Thank you so much for recommending this BotBlocker, it helps in stopping bot attacking my site, where there are over 79,000 of comments posted and approved without my knowledge! I then install delete all comment plugin to clear all comments. Cannot imagine what to do without this plugin to stop these bot on their track!
Mike says
Hi, how does this work with auto-complete tools, like the feature built into Chrome? Won’t the browser also wrongly detect the forms via their fake names and fill them in when the user chooses to autofill?
Paul says
Who well does it do at blocking spam comments compared to Akismet?
Editorial Staff says
Unlike Akismet, this doesn’t block manual spam comment. This is only for spam comment bots.
Admin
Hans says
Thought this would work, so I installed the plugin…….It doesn’t.
It stops ALL entries.
The last update for Bot Blocker was 275 days ago and questions are not being answered on wordpress.org.
Looks like it’s an abandoned plugin.
Pablo says
Yep, same here. The only way I can post a comment is if I’m logged in as an admin or if the plugin is off.
I’d be nice if someone here could help because the support forums seem abandoned.
Denny Brown says
This is also my experience. Hans and I have both posted on the BotBlocker support page at http://wordpress.org/support/topic/plugin-botblocker-flagging-all-comments-as-spam
Vivek says
I wonder why articles in WPBeginners get very little comments though the article has been popular on Social media networks.
Editorial Staff says
Mainly because we only approve helpful comments for the most part. If you leave comments like great plugin, or great tutorial like most folks do, we simply don’t approve them. The purpose of comments is to add value (i.e questions, thoughtful opinions, suggestions, personal experience, etc).
Admin
Pete says
I suppose it needs to be asked…
“Manually submitted spam is submitted by human visitors. You will still have to use a plugin like Akismet to catch those. ”
What’s the benefit with the honey pot method when Akismet will pick it up anyway?
Jacob says
Those who self-host WP blogs have to pay for Akismet and may not want to do that.
Daniel says
So I can use Honeypot and Akismet together with no issues?
Editorial Staff says
Yes, you should be able to do that.
Admin