Your comments section gives you a convenient way to engage with your website’s readers. Unfortunately, opening your website up to comments means you will have to deal with spam. Unless you are the type of blogger who doesn’t solicit feedback via comments and trackbacks/pingbacks, you will have to deal with it at some point or another.
But the question is, how? As spam bots (and human spammers) become more sophisticated, it is more and more difficult to keep your blog clean of irrelevant and inappropriate content.
Luckily, WordPress comes with built-in features and free add-ons to help control and combat spam, including Akismet and comment blacklists. Even better, there are many third-party plugins available to provide additional spam protection.
In this post we will take an in-depth look at the issue of spam on WordPress blogs, the negative impact it can have on your site if left unchecked and how it can be managed and prevented. We’ll also take a look at the tools available in WordPress to combat this problem. Finally, we’ll finish up with some plugin recommendations to take your spam moderation to the next level. Let’s dive in!
What WordPress Comment Spam Is
It can be exhilarating when new comments show up on your blog. However, that first blush of excitement often disappears when you see inappropriate replies to your content. These replies, of course, are also known as spam. The dictionary simply defines it as “irrelevant or inappropriate messages sent on the Internet to a large number of users“. Sounds about right to me.
Blog spam is born of the same family as the oh so familiar email spam, but has its own unique aim – to get backlinks. Whether it is via a blog comment, trackback or pingback, the purpose of blog spam is to publish a link on your site that points back to another site. The site in question is typically irrelevant to your niche and often poor quality.
These unsolicited messages is a fact of life if you allow commenting on your posts. Fortunately, identifying it is relatively simple, since it usually takes one of three primary forms.
These are comments are posted automatically using a script or bot that scour the web in search of targets to flood with comment junk. There is no direct human involvement in these comments, and they are usually pretty easy for the human eye to spot. Spambots are probably the biggest culprits of irrelevant comments.
2. Manual Comments
This is when humans are hired to manually post comments on sites. The quality of these comments can vary from blatantly obvious to debatable, which of course offers up a big headache for anyone trying to eradicate spam from their site. These will almost always include links in the comments, and can be a bit sneakier than bots (we’ve seen comments with questionable links added to blank spaces in the comment text).
3. Trackbacks & Pingbacks
As defined by Google, a trackback is “one of three types of linkback methods for website authors to request notification when somebody links to one of their documents”. For our purposes you can assume pingbacks to be essentially the same thing. You will have probably seen trackbacks before. They exist as a list of links, typically within or below the comments section on a blog post. For a spammers’ purposes, the objective is simple – mention a blog post in their own post and get a link back.
Each of these spam types is problematic, and you’ll often receive more than just one category. Together, they can clog up your comments section and cause all kinds of issues.
How Comment Spam Affects Your WordPress Site
You may consider spam to be nothing more than an annoyance. However, if left unchecked, it can have negative consequences for your website. In addition to providing a poor user experience for your readers, comment spam can harm your site in many ways, causing:
- Loss of search engine rankings. Google targets bad links on your site for ranking purposes, even in the comments.
- Potential risks to your readers. The links in spam comments can lead to malicious sites.
- Site speed and load time issues. Too many comments can overload your WordPress database and slow down your site.
Every blog that enables commenting is vulnerable to spam. Having a plan of action for reducing and combating it is the only way to protect your site and your readers.
How to Combat WordPress Comment Spam
While comment spam is unavoidable, there is good news. You can combat this blight by moderating your comments and utilizing WordPress’ built-in tools.
First, make sure that you have turned on comment moderation. Doing so enables you to approve any comment before it posts to your site. If you don’t have time to review every single comment, you can set parameters based on several factors. For example, you can:
- Flag a comment as spam based on the number of links it has.
- Blacklist commenters in reaction to previous spam.
- Disable trackbacks and pingbacks.
- Only allow registered users to post comments.
Don’t forget the biggest weapon in your default arsenal: plugins. There are tons of great free and open source plugins you can add to your WordPress installation to check comments and filter out anything that looks like spam.
The Best Anti-Spam Plugins to Reduce Comment Spam on Your WordPress Site
One of the best things about using WordPress is how easy it is to customize. When it comes to blog comments, you can use plugins shore up your security. Here are three plugins to help you take control of your comment spam.
How could we not mention Akismet? This plugin comes installed by default on WordPress blogs, and is free to use for personal bloggers (with a commercial monthly subscription set at $5 per month, and enterprise solutions available at $50 per month).
In using a “catch-all” spam solution like Akismet, you have to accept that some legitimate comments may get flagged as spam. It’s simply a cost of blogging and using an automated spam blocker. The issue is mainly stems from human spammers. One person’s spam is another person’s legitimate comment, so if humans can’t agree 100% of the time, what chance does a plugin have?
However, for most part, Akismet does a great job. It keeps an enormous amount of spam at bay on my blog, with only the occasional legitimate comment being caught out. Furthermore, it takes care of trackback spam too – a huge bonus.
- Blocks comment and trackback spam.
- Automatically checks all comments.
- Comment history so you can check which comments were blocked by the plugin or by moderators.
- Includes a “Discard” settings to auto-block the worst spam.
Price: Akismet is a free plugin, and may already be installed on your blog.
This plugin uses the ‘honey pot’ technique to trap bots invisibly. Humans won’t see captchas, but bots will, and they will then be trapped as spam. WP-SpamShield acts as a firewall to block both automated and targeted spam. Since it blocks these comments before they reach your database, you never have to worry about them slowing down your site.
- Blocks trackback and pingback spam.
- Prevents spam at the front of the site, so it never hits the WordPress database.
- Works with all major form builder tools.
Price: WP-SpamShield is a free plugin.
Anti-spam uses invisible captchas to block all spambots from your comments. The pro version also blocks manually submitted spam. While this plugin does a great job of stopping unwanted comments, however, it doesn’t protect other types of forms on your site. This means you might want to use this plugin with something else to get extra form protection. However, it’s still an excellent lightweight option.
Looking for more protection options? Anti-Spam Pro includes added settings for manual spam protection so you can further by automatically preventing comments that rank high on a spam points scale (with more than a set number of links, words or flagged spam words).
- Blocks trackbacks by default.
- Prevents automatic spam from ever getting to your WordPress database.
- Pro version blocks manual spam.
Price: Anti-Spam is free, and the pro version available for $25.
WPBruiser promises to work from the second you install it. This plugin combines brute force attack protection with comment spam blocking. You can use it to protect all of your forms, and your readers will never have to use a captcha. Overall, it’s a comprehensive and user-friendly option.
- Includes brute force attack protection.
- Enables you to block malicious IP addresses.
- Is compatible with WordPress Multisite.
- Offers extensions that work with all major form tools.
Price: WPBruiser is a free plugin with optional extensions.
5. Hide Trackbacks
This last plugin is very straightforward as it simply does what the title states – hides trackbacks. While you can disable trackbacks completely, there is value in simply hiding them if you want to keep track of who is linking to you. This plugin removes trackbacks from your front end but still allows you to see them on your WordPress dashboard.
Price: Hide Trackbacks is completely free.
Comment spam is a simple fact of life on the internet, unless you plan to disable comments altogether. Safeguarding your site against inappropriate comments is crucial for its overall health and performance. By removing spam comments, you can keep your database clear, maintain a solid user experience, and improve engagement.
Do you have any questions about how to manage spam on your WordPress site? Or tips to add to the list? Let us know in the comments section below!