Comment spam remains a problem for all WordPress users. It also affects other blogging software and platforms such as discussion forums, guestbooks and wikis.
Unfortunately, it is near impossible to completely stop spam software from attacking your website. Even if you completely disable comments, spammers can still submit spam to your website. Whilst these comments will not be displayed on your live website, they will take up space in your database, which will increase the overall size of your database and, in turn, slow your website down.
In this article, I would like to give you some tips on how you can reduce comment spam on a WordPress website. If you follow these steps, you should greatly reduce the volume of comment spam you receive.
The first four steps all involve configuring your discussion settings correctly on your website. You will find the discussion settings area in your main admin menu under Settings / Discussion. The direct URL for this area is www.yourwebsite.com/wp-admin/options-discussion.php.
1. Moderate Comments
There is a section in the WordPress discussion settings page entitled “Before a comment appears”. This section allows you to control which comments are sent to the moderation queue and which articles are automatically published on your website.
Enabling “Comment must be manually approved” means that every single comment must be manually approved. A lot of blogs use this setting as it gives full control over what comments are published. This essentially means that no spam comments will ever be published on your website.
As someone who comments on blogs semi-regularly, I find this option frustrating. Depending on how often the blog owner checks the comment moderation queue, it could be a few hours or even a few days before a comment is approved and published. This can slow down any discussions that are taking place.
The other option is “Comment author must have a previously approved comment”. I personally feel that this is a more practical option as it only sends a commenter’s first comment to the moderation queue. Once they have had a comment approved, all of their subsequent comments will be approved automatically.
This setup is not perfect as someone could technically submit a good comment and then submit spam later. However, in practice, the majority of people who leave a good comment initially will submit good comments in the future.
2. Hold Comments That Have Links
A high percentage of spam comments contain links. One way to take advantage of this is to send any comments with links to the moderation queue.
You can do this in the “Comment Moderation” section. A fresh WordPress installation will send comments to the moderation queue if they contain two links or more. I recommend reducing this to one as many spam comments only contain one link.
3. Use the Comment Blacklist
The comment blacklist is one of the most underused features of WordPress; despite it being available in every WordPress website. It allows you to blacklist the IP addresses of spammers who are persistently attacking you. You can also blacklist commenters by URL, email address, name and/or content.
Blacklisting someone is a good way of discouraging people who are submitting spam manually. I encourage you to use it when you can.
4. Close Comments On Older Posts and Pages
Whilst comment spam does occur on new articles, it is more common for spammers to target older articles that have established traffic and a good search engine ranking. These articles can sometimes be years old, so you may not even notice that they have been attacked.
WordPress lets you automatically disable comments on posts and pages that were published a defined number of days in the past. In my experience, a couple of months (e.g. 100 days) is normally a good balance between keeping comments enabled on new articles and stopping spammers in their tracks.
5. Install Anti-Spam Plugins
Whilst I do believe that configuring your discussion settings correctly should be your first port of call when tackling spam, there are a lot of plugins available to help you when spam does get out of hand.
The most well-known plugin is Akismet; which comes packaged with every installation of WordPress. Developed by the makers of WordPress, Akismet is an automated spam service that will filter spam comments into your spam folder. It is very effective and learns from what comments you mark as spam and what comments you mark as legitimate.
Due to how big a problem Spam is for WordPress users, there are hundreds of anti-spam plugins available for WordPress. There are way too many to list in this article, but here are a few good anti-spam plugins to get you started:
- Spam Free WordPress
- Growmap Anti Spambot Plugin
- WP Anti Spam
- Anti-spam by CleanTalk
- NO CAPTCHA Anti-Spam
Be aware that some anti-spam plugins can hurt the commenting experience for genuine commenters by making them jump through hoops before they can submit a comment. Unfortunately, that is the price you may need to pay if comment spam is a major problem on your website.
Comment spam is an ongoing battle that most website owners have to face on a daily basis. Thankfully, if you configure your discussion settings correctly, a few spam comments will actually be published on your live website.
Whichever moderation option you choose, be sure to check your moderation queue and spam folder on a regular basis as there is nothing more discouraging to readers than having a long detailed comment deleted 🙂
Here are some other comment plugins that add more functionality (or completely change everything) to the WordPress commenting system.
If you enjoyed this article, I encourage you to subscribe to our blog for updates on our latest content.
Very good article on how to avoid spammy comment.
Elegant Themes Rocks.
As for 2016, I strongly suggest you guys to delete akismet and just use anti-spam plugin linked in the article.
Akismet is not preventing anything as of my experience and so far I got amazing results with anti-spam plugin.
I can tell you that %99 of the spams are gone. However, there are some promotion spams “saying that they can improve the ranking of my website blah blah…” So just to make sure that you dont get such spams as well, dont forget to add captcha verification to the contact form.
That will make your website %99.5 spam free 🙂
Hope that helps.
Google actually does penalize sites for spammy incoming links now – it’s part of the Penguin update. While I know it’s not the point of this post, I did want to bring attention to that.
Thanks for this great write up.. I am getting tons and tons of spam comments on daily basis.. This will surely help me in getting rid of spam and headache due to it… keep sharing such useful info..
Such an informative article ! Thanks for the tips on how to close comment on old pages and post. I was just looking for how to do this. Thanks again : )
I have just followed your advice and uninstalled Disqus – I noticed that spammers were side-tracking it altogether and were leaving comments directly on WordPress, un-moderated.
Thank you for saving my blog!
Cheers Kevin- this is one of the clearest articles on the subject of comments I’ve found.
Thanks for the tip on closing comments on older posts especially. Like many of the guys commenting below below also, Akismet I’ve found is top drawer.
That is a valuable tip on closing comments on older posts. From pure convenience it makes a lot of sense. I am recording thousands of comment spam daily, while 99.9% is filtered by Akismet, which I highly recommend – there is a permanent load on the server and this should help ease it.
Unfortunately there is not easy way of blocking them before they come in the front door.
Thank you for this post. These comments are really irritating. I opened my admin panel today just to see I have over 30k comments on my blog.
I have been using Akismet since the beginning of my blog. Recently I have installed a plugin which automatically add a captcha after the end of comment form. I noticed that after installing Akismet, The spam comments are posted around 3.7% and after activating Captcha code Its went under 1%.
I would put Akismet at the top of the list. 260K spam comments blocked in 6 months so far on my site! You can use it for free but I actually stumped up money for this service as it saves me hours a week dealing with junk.
I enable all the WP moderation setting mentioned above. There are way too many spammers for blocking individuals to make any difference. They don’t care. I also see spammers posting “normal” comments in an effort to get past the first-moderated-comment hurdle. So I moderate everything. If it isn’t clear that the comment is directly related to the content it gets deleted. Compliments and vague questions about my website hosting are 99.9% spam.
The keyword blacklist is quite useful as well as you can target keywords that should never really crop in genuine comments. For me this is a list of handbag and sport clothing designer brands. There are also a number of websites that people are trying to link to that I block (Third-party App stores etc).
I hope this comment makes it through 🙂
I also had to disable “Allow link notifications from other blogs (pingbacks and trackbacks) ” ase spamers seems to start using that as well for spams.
I too have implemented the above suggestions, and did so when I started my website. But still, I am daily deleting 100+ spam. Is there no foolproof solution?