Your comment section gives you a convenient way to interact with your website readers. Unfortunately, opening your website to comments means you will have to deal with spam. Unless you're the type of blogger who doesn't solicit comments through comments and trackbacks / pingbacks, you'll have to deal with that at some point or another.
But the question is as? As spam bots (and human spammers) get more sophisticated, it's increasingly difficult to keep your blog clean of inappropriate and irrelevant content.
Luckily, WordPress comes with free built-in features and plugins to help control and combat spam, including Akismet and comment blacklists. Even better, there are many third-party plugins available to provide additional protection against spam.
In this post, we'll take an in-depth look at the problem of WordPress blog spam, the negative impact it can have on your site if left unchecked, and how it can be managed and prevented. At the same time we will take a look at the tools available in WordPress to combat this problem. Finally, we'll finish with some plugin recommendations to take your spam moderation to the next level. Let's dive in!
What is WordPress comment spam
Automated spam comments like these can invade your WordPress database.
It can be exciting when new comments appear on your blog. Regardless, that first flush of excitement often fades when you see inappropriate responses to your content. These responses, of course, at the same time are known as spam. The dictionary simply defines it as «irrelevant or inappropriate messages sent over the Internet to a large number of users". It sounds good to me.
Blog spam is born out of the same family as the familiar email spam, but it has its own unique purpose: to get backlinks. Whether via a blog comment, trackback, or pingback, the purpose of blog spam is to post a link on your site that points to another site. The site in question is often irrelevant to your niche and often of poor quality.
These unsolicited messages are a reality if you allow commenting on your posts. Luckily, identifying it is relatively simple, as it generally takes one of three main forms.
1. Spambots
These are comments that are published automatically by means of a script or a bot that scours the web in search of targets to flood with junk comments. There is no direct human involvement in these comments and they are generally quite easy for the human eye to spot. Spambots are probably the biggest culprit for irrelevant comments.
2. Manual comments
This is when humans are hired to manually post comments on the sites. The quality of these comments can range from blatantly obvious to questionable, which of course represents a major headache for anyone trying to weed out spam from their site. These will almost always include links in the comments and can be a bit more sneaky than bots (we've seen comments with questionable links added to blanks in the comment text).
3. Trackbacks and pingbacks
By Google's definition, a trackback is "one of three types of linkback methods for website authors to request a notification when someone links one of their documents." For our purposes, you can take care that pingbacks are essentially the same. You've probably seen trackbacks before. They exist as a list of links, generally within or below the comment section in a blog post. For the purposes of spammers, the goal is simple: mention a blog post in your own post and get a link.
Each of these types of spam is problematic and will often receive more than one category. Together, they can clog up your comment section and cause all kinds of problems.
How comment spam affects your WordPress site
Spammers use trackbacks to link to irrelevant sites.
You may consider spam to be nothing more than a nuisance. Regardless, if left unchecked, it can have negative consequences for your website. As well as providing a poor user experience for your readers, comment spam can harm your site in many ways, causing:
- Loss of search engine rankings. Google targets bad links on your site for ranking purposes, including in comments.
- Potential risks to your readers. Links in spam comments can lead to malicious sites.
- Site speed and loading time issues. Too many comments can overload your WordPress database and slow down your site.
All blogs that allow commenting are vulnerable to spam. Having an action plan to reduce and combat it is the only way to protect your site and your readers.
How to combat WordPress comment spam
While comment spam is unavoidable, there is good news. You can combat this pest by moderating your comments and using Built-in WordPress tools.
First, make sure you've turned on comment moderation. Doing so will allow you to approve any comment before it is published on your site. If you don't have time to review each comment, you can set parameters based on several factors. As an example, under Settings> Discussion you can:
- Mark a comment as spam based on the number of links it has.
- Commenters on the blacklist in reaction to the above spam.
- Disable trackbacks and pingbacks.
- Allow only registered users to post comments.
Don't forget the biggest weapon in your default arsenal: add-ons. There are tons of great free and open source plugins that you can add to your WordPress installation to check comments and filter out anything that looks spammy.
Reduce comment spam on your WordPress site with a plugin
One of the best things about using WordPress is how easy it is to customize it. When it comes to blog comments, you can use WordPress anti-spam plugins to beef up your security. Here are three plugins to help you control comment spam.
1. Akismet
How not to mention Akismet? This plugin comes installed by default on WordPress blogs and is free to use for personal bloggers (with a monthly business subscription set at $ 5 per month and business solutions available at $ 50 per month).
When using a "general" spam solution like Akismet, you must agree that some legitimate comments may be marked as spam. It is simply a cost of blogging and using an automated spam blocker. The problem is mainly due to human spammers. One person's spam is another's legitimate comment, so if humans can't agree 100% of time, what chance does a plug-in have?
Nonetheless, for the most part, Akismet does a great job. It keeps a massive amount of spam at bay on my blog, and only the occasional legitimate comments are detected. At the same time, it takes care of trackback spam at the same time, a great advantage.
Outstanding Features:
- Block comment and trackback spam.
- Automatically check all comments.
- Comment history so you can check which comments were blocked by the plugin or moderators.
- Includes a "Discard" setting to automatically block the worst spam.
Price: Akismet is a free plugin and it is feasible that it is already installed on your blog.
2. Antispam Bee
This plugin uses the 'honey pot' technique to invisibly catch bots. Humans will not see captchas, but bots will, and will subsequently be caught as spam. Antispam Bee acts as a firewall to block both automated and targeted spam. Since you block these comments before they hit your database, you never have to worry about them slowing down your site.
Outstanding Features:
- Block trackback and pingback spam.
- Avoid spam in the front of the site, so it never reaches the WordPress database.
- Works with all major form building tools.
Price: Antispam Bee is a free add-on.
3. Titan Anti-spam
Anti-spam uses invisible captchas to block all spam from your comments. The pro version at the same time blocks spam sent manually. While this plugin does a great job of stopping spam comments, it does not protect other types of forms on your site. This means that you may want to use this plugin with something else for additional form protection. Regardless, it's still an excellent lightweight option.
Looking for more protection options? Anti-Spam Pro includes additional settings for manual spam protection, so it can automatically prevent comments that rank high on a spam point scale (with more than a specified number of links, flagged spam words or words).
Outstanding Features:
- Block trackbacks by default.
- Prevent automated spam from reaching your WordPress database.
- The Pro version blocks manual spam.
Price: Anti-Spam is free and the pro version is available for $ 25.
4. WPBruiser
WPBruiser promises to work from the moment you install it. This plugin combines protection against brute force attacks with blocking of spam comments. You can use it to protect all your forms and your readers should never use a captcha. Overall, it is a comprehensive and easy-to-use option.
Outstanding Features:
- Includes protection against brute force attacks.
- It enables you to block malicious IP addresses.
- It is compatible with WordPress Multisite.
- It offers extensions that work with the main form tools.
Price: WPBruiser is a free plugin with optional extensions.
5. Hide trackbacks
This last plugin is extremely straightforward, as it just does what the title says - it hides trackbacks. Even though you can disable trackbacks entirely, it is useful to simply hide them if you want to keep track of who links to you. This plugin removes trackbacks from your interface, but still makes it possible for you to view them in your WordPress dashboard.
Price: Hide Trackbacks is totally free.
Comment spam is a simple reality on the internet, unless you plan to disable comments entirely. Protecting your site from inappropriate comments is crucial to its overall health and performance. By removing spam comments, you can keep your database clean, maintain a strong user experience, and improve engagement.
Have a question about managing spam on your WordPress site? Or tips to add to the list? Let us know in the comment section!
