8 Simple Steps to Eliminate Comment Spam in WordPress

Online discussions are fun but can also become a nuisance to manage. Your comments can be hijacked by trolls, promotional comments, and automated comment spam. Out of the box, WordPress does not do much to control spam comments. It doesn’t become an issue until your site gets a little older, then comment spam becomes an issue.

In this article, we will look at some simple steps every site owner should take to fight back against comment spam.

Within the WordPress dashboard lies the discussion section, a control panel for tailoring how your site handles comments. By adjusting the moderation queue settings, you can mandate that all comments require approval, establishing a manual checkpoint to thwart spam’s advance.

For those besieged by recurring spam, WordPress offers a blacklisting option. This feature allows you to consign certain words, IP addresses, emails, or URLs to a digital limbo, automatically filtering out comments containing these spam indicators.

Log in to your WordPress admin area and go to Settings -> Discussion page.

Now, all comments posted on your WordPress site will go to the moderation queue and will only be visible on your site once you approve them.

Turning off comments on older posts is the next step in reducing comment spam. Comment spam bots usually search the web for pages containing a WordPress comment box. Turning off comments on older posts will reduce the number of times spambots find and target your posts.

WordPress makes this easy with a built-in option on Settings -> Discussion page. Scroll down to Other Comments Settings and check the box next to ‘Automatically close comments on articles older than 14 days’.

You can set the number of days before comments close on a post. Click on the save changes button at the bottom of the page. All your older posts will now have comments turned off.

Using anti-spam plugins with WordPress is essential to safeguard your website from unwanted and potentially harmful content. These plugins provide a robust line of defense against the deluge of spam comments, emails, and form submissions plaguing websites. They help maintain your site’s credibility and professionalism by ensuring that only genuine user interactions are visible, enhancing the quality of discussions and user engagement.

Akismet is a spam prevention service offered by Automattic (The WordPress parent company). It catches spam comments before they reach your website and is pre-installed on every WordPress site. However, it is not activated by default.

After activating the plugin, you will see a notification asking you to activate your Akismet account. Click on the button and follow the on-screen instructions to activate your Akismet account.

Antispam Bee blocks spam comments and trackbacks effectively, without captchas and without sending personal information to third party services. It is free of charge, ad-free, and 100% GDPR compliant.

If the above steps fail to reduce your comment spam load, then perhaps you need to implement more aggressive steps. What is ReCAPTCHA? It is explained succinctly by Google as follows:

“reCAPTCHA is a free service from Google that helps protect websites from spam and abuse. A “CAPTCHA” is a turing test to tell human and bots apart. It is easy for humans to solve, but hard for “bots” and other malicious software to figure out.”.

You can test out Google’s reCAPTCHA using this demo.

To integrate reCAPTCHA with your WordPress comments, you’ll typically follow a process that involves obtaining API keys from Google, installing a suitable WordPress plugin, and configuring it to protect your comment form with reCAPTCHA.

If you are using Avada Forms on your website, follow this guide, which explains how to use the Avada reCAPTCHA Field Element.

Spammers often disguise their motives in benign comments laced with links that lead visitors away from your website, sometimes for nefarious reasons. Tightening the reins on how many links can be included in a comment (or outright banning them) via your WordPress settings will significantly diminish this spam vector.

Trackbacks and pingbacks are WordPress’s way of notifying you when another blog has linked to one of your posts. While intended to foster a network of discourse, spammers have co-opted these features to sneak their way into your site’s notification queue.

Turning off trackbacks and pingbacks is straightforward and accessible through your WordPress dashboard’s ‘Discussion’ settings. This preventive measure cuts off another avenue for spam, helping to streamline your site’s interactions to genuine engagement.

Most of the spam on a typical WordPress site is submitted by spambots. But there are also many people who manually submit spam to websites’ comments. Some believe leaving a link in the comments will increase the website’s SEO. Some of these websites are selling illegal or fraudulent products. Many of them are submitted by low-quality spam link builders that anyone can hire from freelancing websites.

Since humans submit these comments, they can bypass all spam prevention checks. But since you have moderation enabled on your site, you can catch them in your moderation queue and mark them as spam. However, you will sometimes notice that a certain user or users submit links to a website in an easily recognizable pattern. They all contain links to the same website, have similar fake email addresses, or originate from the same IP address.

You can block them using the built-in blacklisting tools in the WordPress dashboard. Go to Settings > Discussion page and scroll down to comment moderation and comment blacklist section.

The first large text area is for comment moderation. In this box, you can add a user’s name, email, URL, or IP address. Any comment that matches those will be sent to the moderation queue. But since you already have moderation enabled on your site, you may want to use the comment blacklist box.

These filters will also stop any partial match. For example, adding Press will block comments containing words like WordPress. The blacklist tool is a great way to prevent comment trolls from making their way into your moderation queue. Their comments will be marked spam right away.

The first large text area is for comment moderation. In this box, you can add a user’s name, email, URL, or IP address. Any comment that matches those will be sent to the moderation queue. But since you already have moderation enabled on your site, you may want to use the comment blacklist box.

These filters will also stop any partial match. For example, adding Press will block comments containing words like WordPress. The blacklist tool is a great way to prevent comment trolls from making their way into your moderation queue. Their comments will be marked spam right away.

Comments are a great way to discuss things with your readers and get engaged with your audience. With these tips and tools you will be able to effectively stop spammers from hijacking your WordPress comments.