How to Stop Comment Spam in WordPress (2019 Edition)

When you first start a WordPress site, it feels like it takes forever to get any views at all. Depending on how often you post on your site and how you market it, it could easily take months before visitors find your site organically. Once your views start to snowball, you will probably notice an increase in comments as well. Unfortunately, many of these comments are likely to be spam. 

Comment spam might initially look like normal comments, but you can generally tell that it was written by spammers as soon as you read it. Often, the writer will include a link to the spam site. They may also have a username that include clearly commercial terms like ‘BuyShoesOnline’ or ‘TryLevitra’. Unlike a normal comment, these spam comments always include a link to some commercial page trying to sell something. 

Moderating each individual comment takes time, but you generally do not want to leave these spam comments on your site. They are annoying to readers, and some of your visitors may even fall for the spammer’s spiel. In addition, accepting spam comments only encourages more spammers to leave a comment on your site. 

Why Do Spam Comments Exist? 

Unfortunately, these types of comments started in 2003 and are still around today. The spammer’s goal is to drive traffic to their site and/or try to build the reputation of their site in Google with links from your site. Your site is probably not being targeted at random. Normally, spammers focus their energy on sites that already rank highly for certain keywords and topics. Having backlinks from a successful site like yours makes the spammer’s site look better to the search engines. In essence, you are being targeted because your site is a success. 

How Comment Moderation Works in WordPress 

Comment moderation is one way to handle comments on your WordPress site. They allow you to stop comments from just showing up unless you actually approve them. With comment moderation, you can approve the comment, send it to your trash file or mark it as spam. WordPress will also test out these comments before it allows them to just appear on your site. If the comment fails one of the tests, it is automatically listed as pending until the administrator approves it. 

The simplest way to make sure that your comments are not automatically posted is by going to the discussion page under settings. Then, choose the option for making comments manually approved. This ensures that every comment that appears on your site has to be moderated manually. 

You can also customize how your website deals with comments. WordPress lets you automatically turn off comments for an article that is a certain age. You can also decide if you want admins and authors to receive a notification when new comments appear. When you write an individual article, you can decide if that specific article can even receive comments at all. 

The types of comments you send to moderation can also be narrowed down. Instead of sending every comment for moderation, you can limit moderated comments to certain keywords or comments that include email addresses. WordPress allows you to automatically moderate comments that contain an IP address or URL. If you know that most of these comments are spam, you can set your WordPress site to instantly blacklist comments and put them in the trash file if they contain certain words, a URL, an IP address or email addresses. By including these options, you can reduce the amount of time you spend moderating your website. 

What Happens to Comments Marked as Spam? 

One thing that you can do to remove comment spam is go through your comments and manually mark which ones are spam. You can mark them as spam individually or remove spam comments in batches through the bulk actions option. Once you mark these comments as spam, they will not be displayed on your website. If you change your mind about the comments later, you can always find them in the spam section of your comments page. 

How Can You Automate Spam Detection and Removal?

If you are tired of dealing with spam comments, there are options available that can help. Turning on comment moderation and manually approving your site’s comments is just one option. There are also spam comment protection plugins and other techniques that can protect your website from spammers. 

1. Use Akismet

One easy way to prevent spam is with Akismet. This anti-spam plugin is actually pre-installed when you start your WordPress site. As long as it is turned on, it will filter your comments and catch common forms of spam comments. It works as a free plugin, but you will need to sign up for Akismet’s API key.

2. Test Out Google ReCAPTCHA

Google’s reCAPTCHA verification is one way to make sure that actually people are leaving comments on your site. ReCAPTCHA is basically a more advanced version of CAPTCHA. Both programs use technology to decide if the comment is from a human being or a robot. This option is less annoying for human users and still effective at stopping bots. When Google detects that the comment could be from a spam bot, the test is much harder. If you are going to use CAPTCHA plugins, this is the least annoying version for your readers. 

3. Consider Third-Party Options 

Other than Akismet, there are a number of third-party plugins that you can use for your site. One popular choice is Honeypot. This program basically tricks spam bots into showing your site who they are. Once Honeypot figures out which visitors are bots, it can block them. 

To use Honeypot, you have to install and activate the plugin for Antispam Bee. Then, go into the settings page to choose to mark any comments caught by Honeypot as spam. This ensures that Honeypot catches spam bots. It uses antispam filters to look at IP addresses and the local spam database. 

Another option is Sucuri. This program actually stops spammers before they come to your website. When spammers try to constantly access your site, it can slow your pages and performance down. If this happens, you can fix it by using Sucuri. This firewall plugin helps you block bots and suspicious requests from even reaching your website. Ultimately, this cuts down on the number of spam comments you get as well as the load your servers deal with. 

4. Discourage Links in Your Comments 

Spammers leave comments because the links help them build their site’s reputation. If your comment section does not allow any links, then spammers do not have a reason to leave spam comments. Two simple techniques can block spammers from leaving unwanted comments on your site. 

The first option is to disable HTML in comments. HTML is one way that spammers hide links within their comments, so removing this option prevents them from leaving spam links. A plugin like Peter’s Literal Comments is all it takes to stop links within each comment.

The second approach is to remove the URL field from your comment form. This stops spam bots and human spammers from leaving a link with their username. You can do this using the Disable-Hide URL Field plugin.

Both of these options make it less likely that a spammer would bother using your site for spam because your site stops comments from linking back to any other site. 

This entry was posted in , .
Charles Coxhead

Written by Charles Coxhead

Charles has been building and promoting websites and services in New Zealand, Australia, the United States and China for nearly 20 years.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.