Spam comments can quickly clutter up your site, making it look unprofessional and driving real visitors away. Cleaning up all that spam after the fact is challenging. This means you should strongly consider putting a little upfront time into developing a strong anti-spam strategy.
The first thing on your to-do list should be to prepare your website admin (backend) to help you deal with such massive amounts of bull. That’s where WordPress bloggers have an advantage. As much spam there is, there are quite a handful of powerful solutions, available free or for pocket-change-cost, to help stop and/or manage spam influx on your website.
NoFollow Comment Link
Sometimes new bloggers add plugins to remove nofollow attribute from comment author links. They think that by making these links to follow they will be able to encourage more users to leave comments. This results in a very high number of spam comments. Even non-spam comments are usually submitted by users who are not interested in the discussion but the link back. Remember, it’s always about quality, not quantity. It is always a bad idea to use plugins that share link juice via comments. If you are not using any such plugin, then that’s great you can move on to the next step.
Reduce the number of links allowed per post
Most comment spam is designed to add links in your comment section and trick people into clicking on them. Therefore, one way to combat spam is to permit fewer links in your comments. Legitimate visitors will also be prevented from posting many links, but slowing down the spammers can be worth that potential inconvenience.
From your WordPress dashboard, you can navigate to Settings → Discussion to make this change. Look for the Comment Moderation section:
Add Captcha Verification
You can enable recaptcha challenge on your comment forms. Recaptcha shows an image containing characters, users need to type those characters to prove that they are human. While recaptcha is an effective way of blocking spam bots, it does nothing to prevent your site from manually submitted spam comments. Another concern with recaptcha is that they make it difficult for users to submit comments. On the other hand, reCAPTCHA is a quick and effective way to block spambots.
Many users find CAPTCHA annoying and disruptive. A less annoying alternative to CAPTCHA is the maths quiz plugin, which asks users to solve a simple math problem to prove that they are human. Simply install and activate the plugin, and then visit Settings » Math Quiz to configure it. The plugin allows you to modify comment form CSS, though in most cases you wouldn’t need to. It also allows you to choose where you want an image based math quiz or simply plain text quiz. Plain text quiz is easy to read but also easy to solve by spambots. The image-based math quiz is not that readable but is slightly difficult to solve by spambots.
Remove Website URL Field From Comment Section
The URL field in the comment form attracts not only spammers (both automated and human) but it also invites people who have absolutely no interest in discussion at all.
These comments usually contain a line or two of irrelevant nonsense, the comment author name will contain a keyword or a combination of a real name with keywords like Saefhenry from Techshawe, or Bode @techshawe, etc. Removing the URL field from comment form will discourage this kind of behavior on your website.
Disable Comments On Media Attachment
WordPress automatically creates image attachment pages where users can see an image and even leave a comment for it. If you are linking your images to the attachment page, then after a while, you will have lots of attachment pages with comments enabled on them. If images are the central part of your content then that’s fine. But if you don’t want users to comment on images instead of posts then you should turn off comments on media attachments.
Create A List Of Backlisted Words
Many spam comments contain a lot of recognizable keywords. This makes it easier to spot them and to stop them from appearing on your website. You can simply create a ‘blacklist’ of words, and your site will flag any comment containing one of them.
To do this, return to Settings → Discussion in your WordPress dashboard and find the Comment Blacklist section:
Disable HTML In Comments
Another handy tip to discourage links in comments is disabling HTML in comments. The easiest way to do this is by using Peter’s Literal Comments plugin. Simply install and activate the plugin and any comments submitted to your site after that will get all HTML parsed through WordPress filters. This will change double quotes, less than and greater signs into HTML entities.
A big portion of comment SPAM is trackbacks. For some blogs it is not even necessary to have trackbacks. You can choose to disable trackbacks on your entire blog, or in an individual post. This can prevent comment SPAM and it is very easy to do so.
You can find the above option by visiting Settings » Discussion. This will turn off trackbacks for your entire site. But if you want to turn off trackbacks on specific posts, you will need to specify it either when writing a post, or edit a post and change this option.
Restrict Comments Privileges To Registered Users
The goal of most spammers is to post on as many pages and sites as possible. This means if you can make it more challenging for them to add their comments to your site, they may just move on to the next target.
You can achieve this by restricting comment privileges to people who have registered on your site. This puts an extra hurdle between spammers and your comment section. As a side benefit, it encourages visitors to sign up for an account or a membership.
This option is also available in the Settings → Discussion section in WordPress. You’ll find it under Other comment settings:
You can use tools such as
2. Spamshield antispam
3. Anti spam bee
5. WordPress zero spam
6. Stop spammers spam prevention
There you go. The 6 plugins to protect your WordPress site from spam and prevent it from accumulating in your server and database in the first place. Keep your WordPress website clean and well maintained, and install one of these as soon as you get your website up and running.
Do take note that when search engines discovered that your website contains many links to low-quality spam websites, they may take action against it. Google, for example, may mark your website as being affected by a malware attack. This can reduce the number of visitors that your site gets from search engines and will, in turn, affect your SEO ranking.
Do you have any questions about how to implement any of the techniques we’ve introduced? Ask us in the comments section below!