Tag Archives: stop spam wordpress comments

How to fight spam in WordPress comments?

stop spam WordPress commentsThis post today tries to find out all the possible options one can have to fight spam or have anti spam techniques on their blog for WordPress comments.

There are many ways and time and again people have talked about this. But we are today trying to explore all those options and whatever option works best for you, you should select that one.

Few viable options to fight WordPress spam are:

1.       Via Code: Yes i know it sounds bad for people who don’t want to do coding and hence the reason they use WordPress. But i am not going to share loads of codes here but share a few tips which might be useful to add into your WordPress site and fight spam.

a.       Deny Access to Spammer IPs: Spammer ips are the ones via which you keep on finding one of the other comment ending up into your comments area. You can simply take a note of these ips and add them in .htaccess like this

Order allow,deny

Deny from 123.123.123.123

Deny from 156.156.156.0/24

Deny from 189.189.0.0/16

Allow from all

This is just one technique. There are several other techniques of denying access to no referrer and  Denying access to referrer spammers mentioned in this article here: http://codex.WordPress.org/Combating_Comment_Spam/Denying_Access

2.       Disabling and modifying a few settings: Disabling and modifying a few settings from within WordPress is quite essential. For example trackbacks and pingbacks which seemed such a nice feature in 2010 has been a cause of worry for many in 2013. And with more SEO updates from Google Algorithm it is recommended that one may disable trackbacks and pingbacks on their blog which seems to carry more of spam lately than do any good to a blog.

Also one may disable commenting on older posts i.e. posts older than 30 or 60 days can be made to not receive any further comments by tweaking a setting in WordPress discussion settings.

Lastly one may also check the box where it says previously approved commenter will only get auto approval of comments and others will continue to be moderated.

 

3.       Plugins:

a.       Akismet

Akismet is a product by the creator or WordPress i.e. Automattic. It serves most blogs purpose and is free to use for personal blog sites and costs $5 per month for personal or business websites. People who want to use it for multiple sites more than 10 can opt for enterprise plan of $50 per month.

Akismet solves for most of the part blocks spam comments and human spammed comments often are noted as spam and kept in spam folder. However it has been debated quite often than Akismet fails on more than 1 count where it fails to detect a human spam comment. Well to fight this you can continue to keep all comments in moderation and only handpick the ones which you think are legitimate.

Akismet blog claims to fight a lot of spam in 2013 and shows some trends in here: http://blog.akismet.com/2013/08/02/high-levels-of-spam-continue/

b.      Captcha plugins

                                                              i.      SI Anti Captcha

SI Anti Captcha is a simple captcha technique which can be used as an extra feature along with Akismet to fight spam. This requires visitors to fill the anti spam captcha code which serves as an additional security after you apply Akismet. This also comes handy for blogs or sites which use registration, and login.

                                                            ii.      WP re-Captcha

WP re-Captcha uses google re-Captcha and needs to register or re-Captcha and generate API Key to take advantage and use of re-Captcha. If it works for you re-Captcha uses additional captcha texts and more methods and is currently the best way to fight spam commenting using Captcha technique. With its recent updates re-Captcha has grown more stronger adding text with visual numbers which are difficult to crack by spam bots.

                                                          iii.      Math Captcha

Math captcha comes handy for those who have lesser traffic and lesser spam by bots on blogs. It places a very simple math captcha at the end of commenting form which adds a simple security layer for fighting spam.

c.       Anti Spam by CleanTalk

This is one intelligent way to stop spam comments as well as block spam emails using contact form 7. Anti spam by CleanTalk uses intelligent techniques to detect spam and even blacklists as IP who is continuously spamming on your website. It doesn’t present any sort of captcha or questions or counting animals or puzzles or maths but detects the user submission first time. If seconds time coming from the same ip user submits spam they get blocked or banned depending on the type of spam.

d.      Spam Free WordPress

Spam Free WordPress provides spam bot protection in WordPress comments.

 

e.      Stop Spam Comments

Stop spam comments stops users using javascript to spam comments onto your site. However this used alone can’t be an effective way to stop spam and can be used with akismet.

 

  1. f.        AVH First Defence Against Spam

 

AVH First Defence Against Spam uses the project honey pot, stop forum spam ip and comment check and spamhaus ip check to deliver you a spam free comment. Whereby it sounds very interesting but sometimes the plugin causes comments to be slower with so many checks applied. The plugin author however recommends his plugin to be used along with Akismet to get the optimum performance out of this.

g.       Using other commenting plugins which have anti spam mechanism

                                                              i.      Livefyre

Livefyre uses social media accounts to validate an user and hence this becomes a legitimate way to prove that someone is human and not a spam bot filling up your comment. However Livefyre can’t protect your blog from human bots.

                                                            ii.      Disqus

Disqus commenting uses its own anti spam software and with each moderation or marking comment as spam it intelligently gathers data and reduces more spams. Also it has blacklist and whitelist techniques by which you can block certain users whom you think spread spam.

Disqus as with Livefyre uses social media accounts resulting in lesser spam. But yes this also can’t seem to block human spammers until moderator or admin blocks them manually first time.

                                                          iii.      Comment Luv

CommentLuv is another unique commenting method whereby you can force users to not use keywords in Name and rather use their twitter handles. Also it shares the last blog post of a website thereby backlinking the comment owner as well. CommentLuv looks quite promising and CommentLuv Pro has even more features to block and fight spam. It is also a way to generate more traffic into your blog since more users will get to know your blog via commentluv as well.

However CommentLuv is another tool which has been abused by spammers for sharing their newly created blog posts or blog sites.

Here is one such story where an user shares why they removed Comment Luv from their website:

http://www.velvetblues.com/web-development-blog/why-we-removed-commentluv-from-our-blog/

h.      Using security plugins

                                                              i.      Bulletproof

Bulletproof security uses some techniques and codes to block spam comments. Even though it is a security plugin which uses many techniques to secure your website from hacking attempts it also comes handy for blocking spam comments. Even though we prefer better wp security over it but this plugin also has its own fans.

                                                            ii.      Better WP Security

Better WP Security was recently acquired by iThemes. Better WP Security is one plugin which allows you to tweak a lot of settings which ultimately reduces spam from all quarters. So be it email, comments or even brute force attacks this plugin takes care of all security aspects of your WordPress. If you have a smaller website which doesn’t need much settings and isn’t that custom made you can surely use this plugin which won’t cause any conflicts but will make your WordPress security even tighter. Please note for tweaks where it mentions may cause plugin conflict. Avoid using them if you see any conflict.