Comment spam and registration spam remain a large problem for WordPress users. It is not uncommon for some WordPress websites to receive hundreds or even thousands of comments every week.
This level of spam can damage your reputation with readers and commentators if you fail to tackle it. It is therefore important to face spammers head-on and thwart their attempts at spamming your website.
Thankfully, tackling spammers does not need to be a time-consuming endeavor. If you configure your WordPress website correctly and install a good anti-spam plugin, you can eliminate the vast majority of spam from your website.
Let us take a closer look at how you can tackle WordPress spam.
Note: All of the WordPress plugins in this article are free to download (unless otherwise stated).
Configure Your WordPress Discussion Settings
Before you install an anti-spam plugin, you should configure your discussion settings correctly. These are located in the Settings section of your admin area (i.e. http://www.yourwebsite.com/wp-admin/options-discussion.php).
A full-proof way of stopping comment spam is to manually approve every comment. I am not a big fan of this myself as it time consuming and the discussion is held up until you manually approve each comment.
A more practical solution is to manually approve the first comment of a person. This works well as it allows you to review each commenter and once they are approved, their comments will be published automatically. It is an effective solution as spammers rarely take the time to write a good comment; therefore their attempt at publishing a link in your comment area can be stopped easily.
You can also place any comments with links directly into the moderation queue. Comments can also be marked as spam automatically if they contain any banned words you specify in your blacklist.
In an attempt to tackle comment spam, I have tested restricting comments to registered users. It was not a great solution. Although it did help reduce comment spam significantly, it also greatly reduced the number of comments submitted by readers as people do not want to go through the hassle of creating an account in order to publish a comment.
Additionally, in order to allow people to sign up for an account, I had to enable member registration. This allowed thousands of spammers to create fake user accounts on my website.
Although captcha forms and other anti-spam tools can reduce registration spam, I strongly believe that unless you need to enable public registration (e.g. for a discussion forum or membership website), you should disable member registration in the general settings page (i.e. http://www.yourwebsite.com/wp-admin/options-general.php). You can continue to create accounts manually for contributors, authors, and editors.
I recommend adjusting your discussion settings to suit your own preference to fighting spam. If you want to ensure that no spam ever gets through, you can manually approve every comment. Those of you who receive a lot of comments might find this configuration too time-consuming, so you might want to make your commenting policy less strict. This might mean the odd spam comment gets through; however, it removes the need for you to check every single comment that is published on your website.
Configuring your WordPress discussion settings correctly is the first step towards tackling spam; however, there are a number of great anti-spam WordPress plugins available that help you make things even more difficult for budding spammers. Let’s take a closer look at some of the best solutions.
Akismet is such an essential plugin that Automattic includes it with every copy of WordPress. After acquiring a key from the Akismet website, the plugin will start protecting your website from spam comments.
Akismet checks every comment that is submitted to your website against their spam database. If a comment looks like spam, it will be placed in your spam folder. The plugin does not always get it right, however, if legitimate comments are placed in your spam folder (i.e. a false positive), you can mark them as “Not Spam”. Likewise, you can mark spam comments that slipped through as “Spam”. Over time, this process helps improve Akismet’s strike rate.
The number of approved comments for each commenter can be displayed next to their name to help you moderate comments more effectively. Obvious spam can be deleted automatically, however I always like to play it safe and send all spam comments to the spam folder so that I un-spam any false positives.
In the Akismet settings page, you will see details of how effective the plugin has been at catching spam comments. On most of my websites, Akismet has an accuracy rating over 99.5%. This high rate of success is why millions of website owners rely on Akismet to prevent spam. For me, one of the best things about the plugin is the fact that it plays so nice with other anti-spam plugins.
Antispam Bee is a large collection of anti-spam filters and tools. The filters allow you to make your comment approval process more difficult. For example, you can automatically mark any comments with BB code as spam. Comments can be filtered further with tools such as blocking comments from specific countries and restricting comments to a particular language.
The plugin also allows you to clean your database of spam after a specified number of days. Statistics about spam blocking can also be displayed on your dashboard.
As the name suggestions, Anti-spam by CleanTalk (no CAPTCHA) does not rely on commenters checking any boxes or completing any captcha forms in order to prove they are human.
The plugin integrates with many popular WordPress plugins such as bbPress, BuddyPress, and Contact Form 7. It can be used to stop comment spam, registration spam, trackback spam, and spam emails coming through your contact form. Anti-spam settings for specific types of spam can be disabled through the settings area if necessary.
Anti-spam is another spam protection WordPress plugin that does not rely on your commenters completing Captcha images. The plugin does not have any settings area; which is quite unique for a plugin of this type.
Please note that the plugin does not work with Jetpack comments since that comment solution uses an iframe. A pro version of Anti-spam is available for $14 that has a small settings page with a few additional options.
Other Anti-Spam Solutions
Due to the severity of the spam problem that WordPress website owners face, there are many anti-spam plugins available online. Be sure to check out our article, Put the Smackdown on Spam: 15 Top-Rated WordPress Antispam Plugins for more options.
I follow the same steps with every WordPress website I own. The first thing I do is configure my discussion settings correctly so that comments with links are sent to the moderation queue and ensure that the first comment from each person is moderated. This makes it almost impossible for spam comments to slip through.
The next step I take is to activate Akismet. On some of my websites, it is the only anti-spam plugin I have activated. If, however, I see an increase in spam comments getting through, I install another anti-spam plugin. Apart from Akismet, I do not have any preferred anti-spam plugin that I use every time and have used a variety of anti-spam plugins over the years on different websites. However, I do usually install one of the plugins listed in this article.
Frequently, dealing with spammers is a case of trial and error. If one solution does not work, try another. If that does not work, try something else. I realize that many readers want to know what is the best anti-spam solution available, however I do not think the fighting spam is always black or white. I have found some plugins to work well on one website, but not on another.
It is also important to realize that the best solution for each website is different. It can depend on the level of spam comments the website receives and the level of legitimate comments it receives.
For example, I have an old content website that gets very little traffic. For that particular website, I have installed three anti-spam plugins that collectively eliminate 99.99% of spam. It is very rare that any spam comment gets through. This high level of protection means that there is a higher risk of real comments from humans being marked as spam. It is a small price to pay as the website does not receive a lot of traffic and I place a higher priority on blocking spam comments than the odd legitimate comment not being published.
The situation is different on my own blog. I have written long, detailed comments on blogs I read and have had them marked as spam and deleted because the blog owner’s handling of comments was too severe. I, therefore, understand the frustration that a blog reader will experience after spending 20 minutes writing a great comment and not seeing it published.
With an active blog, it is vital that real comments are published and spam comments are not. It is therefore worthwhile spending a little time moderating your comments so that real comments are not accidentally marked as spam and deleted.
Review your own situation and choose an anti-spam solution accordingly. Remember that many anti-spam solutions are effective at tackling large volumes of automated spam, while others put in measures to discourage spam by humans.
Why 100 is NOT a Perfect Google PageSpeed Score (*5 Min Watch)
Learn how to use Google PageSpeed Insights to set realistic goals, improve site speed, and why aiming for a perfect 100 is the WRONG goal.