Technology Blog

How to protect your blog from WordPress SPAM

0

If you ever used WordPress before, then you will know what a nuisance spam comments can be. WordPress is the most widely used CMS platform and thus it gets targeted by spammers on a regular basis in an attempt to create backlinks to their websites for SEO Green Cash key on a computer keyboard with clipping pathpurposes or simply advertise their products.  Sometimes the spam comes in masses making it practically impossible to protect your work from it. Luckily there are some instruments you can use to prevent it.

We had our share of spam comments on the MochaHost blog and it takes few measures to effectively stop them.

 

 

1.     First of all delete all spam comments!

 

This is not too much of a tip, but before you take any steps to prevent spam, you need to have your blog clear. From the “comments” panel, delete all of these comments and remove everything from the trash as well.  If posting comments requires moderation and you have not been moderating them for a while, you may have thousands of comments to deal with, which may take hours or days to go through. If you do not want to waste that time you can use a plugin called “Delete Pending Comments” and start your anti-spam optimization quickly. In this case, you will also lose all wanted comments. This takes us to the next step you can take:

 

2.     Enable moderation for the comments

images

This is a 100% working method ensuring that no spam comment will get to your blog unless you personally approve it. Most of the time this is a working solution, but if you manage multiple high traffic blogs, it can be a tedious and boring job. Go to Settings > Discussion and scroll down to Comment Moderation.

The other option that may save you some time is to moderate just new comment authors.  Check the “Comment author must have a previously approved comment”. This way you will only approve the first comment of the blog reader, saving you some effort to review their comments every time.  However, be very careful who you approve. Some of the comments may look genuine, but are in fact spam. You will them open a hole for them to flood your blog posts. Don’t do it blindly, many of the comments may be praising such as “Great article. That really solved my problem”, make sure you pay attention to the person’s name, the article’s topic and their website. Normally these comments don’t say anything specific about the material you posted.

From the same menu, you can also limit the number of links a comment can have to 1. Many of the spam comments content will just be a large number of hyperlinks.

 

3.     Use the Spam Words and Comment Blacklist functionality

 

While moderating your comments, you will notice that much of the spam concerns similar topics, such as particular pharmaceuticals for example. In the same above-mentioned menu, add these words each on a separate line in the “Comment moderation” field. This will save you some time and provide another layer of protection to your WP blog.

The “Comment Blacklist” option is a bit more drastic; removing without a trace all comments that match the criteria. You can manually add IP addresses of people that are sure to be spammers or again use to add keywords, but only when you are 100% certain on the effect.

 

4.     Antispam plugins

 

There are a number of very useful Antispam WP plugins that actually do a great job saving you from the unwanted messages.

 

Akismet – This is a system of intelligent algorithms that tracks spam and identifies comments that “look” like spam. It is undoubtedly the best one out there and it helps in over 99% of cases. You will however need an  API key for Akismet, which is free if you own a personal blog, but you will have to pay a small monthly fee if you own a business one.

Quiz  – This is an interesting plugin that will require visitors to answer a simple question before posting a comment. Bots are very unlikely to be programmed to bypass an actual question ensuring a relative safety from spam. You have to option to create your own questions, so make sure they are easy enough for all people to answer. Simple mathematical equations are suitable for the job. (2+7=?)

 

5.     Modify the .htaccess to prevent bot posting

 

Most of the comments are posted by bots. By adding this snippet to your .htaccess you will deny bots with no referrer.

# Protect from spam bots
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{REQUEST_METHOD} POST
RewriteCond %{REQUEST_URI} .wp-comments-post.php*
RewriteCond %{HTTP_REFERER} !.yourwebsite.com.* [OR]
RewriteCond %{HTTP_USER_AGENT} ^$
RewriteRule (.*) ^http://%{REMOTE_ADDR}/$ [R=301,L]
</IfModule>

 

Just replace the “yourwebsite.com” with your actual blog URL.

 

Spam can be incredibly annoying and sometimes even difficult to deal with. If you followed the above-mentioned steps, you are likely to have won over the majority of spam comments, leaving you with few (if any) to moderate.