WordPress spam comments & ways to fight them
I love WordPress. I’ve built sites using wordpress and I do a lot of SEO work for clients based on WordPress websites. I’ve been getting regular questions about WordPress spam comments. So, I decided to write a post about dealing with spam comments on WordPress sites.
Let’s start with where these comments are coming from. First of all, most of these WordPress spam comments are done for the purposes of SEO / link building via blog comments. Here’s what Google says about comment spam as an SEO tactic. It’s usually done via an automated method (i.e. 10,000 comments made by a robot). In this case not-so-whitehat SEO is auto-creating tons of links and looking at what sticks (because some of those links may get approved). Here’s what you get as a notification in your mailbox when a WordPress spam comments are made on your site:
Website : Toms Outlet (IP: 188.8.131.52 , 184.108.40.206)
URL : [full page address of a site trying to build links through commenting]
Hi there, I check your blogs named “Bonjour! | [your blog post name]” daily. Your story-telling style is awesome, keep it up! And you can look our website about Toms Outlet.
Approve it: http://yoursite.com/wp-admin/comment.php?action=approve&c=2
Trash it: http://yoursite.com/wp-admin/comment.php?action=trash&c=2
Spam it: http://yoursite.com/wp-admin/comment.php?action=spam&c=2
Currently 1 comment is waiting for approval. Please visit the moderation panel:
Fight WordPress spam comments!
These WordPress spam comments take time to review, especially when you don’t know what they are and why they’re coming to you. There’s a few things you can do to deal with these spam comments. So, let’s take a look at your options.
Option 1: Do nothing
By default they’re drafted for moderation in WordPress (make sure you have it configured). They don’t really hurt you as long as you don’t publish them. So, the simplest recommendation is to ignore those comments. Everyone gets them. Best of all, this option is free. Just make sure that you get into a habit of screening those comments and deleting them from your mailbox.
Option 2: Disable comments altogether
Some site owners may want to disable comments throughout the site. If you’re not planning to accept and reply to comments, this is your option. To do that go inside Settings > Discussion and update the settings. This is a simple adjustment that you can do on your own. It’s easy, fast and free. The minus here is that if you blog regularly (which is highly recommended in today’s digital landscape) you won’t be able to communicate with your readers with your comments closed. And it’s like shooting yourself in the foot of your content marketing strategy.
If you still want to do it, here’s a quick 1- minute video from WPBeginner to show you how to turn off comment notifications in WordPress:
Your site may also collect comments from pages other than your articles. Some WordPress themes come with comments enabled on your pages. If this is the case and you haven’t already disabled comments on your pages, then here’s how you do it:
Option 3: Adjust WordPress comment settings
A more involved (time-wise) option is to update the Discussion settings on your WordPress blog so that the commenting rules are very strict (i.e. only allowing comments from registered users who were previously approved for commenting). It’ll give you some peace of mind but still some WordPress spam comments will pass through and you’ll need to update your settings regularly to ensure your site is protected from spam comments. Again, to edit these settings go Settings > Discussion. There’s a bunch of advice out there on how to tighten up your discussion settings in WordPress.
Please keep in mind that each blogger will have his / her own comment policy. Some might want to have a tighter security to ensure that every comment is moderated. Other bloggers who get a lot of quality comments may not want to approve every comment. Anyways, take a look at the video and create your own security level to protect your site from WordPress spam comments.
Option 4: Install Disqus commenting plugin
This option will require installing and configuring a free commenting plugin by Disqus. Disqus is a standalone commenting platform that helps people communicate on the web through commenting plugins installed on websites. I personally tested this option and it fights WordPress spam comments well for me. Of course I get occasional spam comment here and there, but for the most part, it’s a huge improvement. Plus it offers great options for comment moderation and interlining your other posts with similar topics. To use this option you’ll need to do the following:
- Register an account with Disqus
- Install and configure the Disqus WP plugin
- Enjoy your commenting system by Disqus!
To make it visual, here’s a short YouTube video about installing and activating Disqus comments on your WordPress website. Thanks to guys at WP Knowledge Base for producing it.
Option 5: Buy and install Akismet
Finally, Akismet is the most expensive option of the above. It’s a solid spam protection plugin that’s affiliated with WordPress in some way (Akismet is now part of WordPress, I believe). The bottomline is that WordPress and Akismet are highly integrated. It’s even installed as a default plugin when you install your WordPress. If it’s not, get the Akismet plugin. Akismet has both free and paid options. Free for non-profits. I personally suggest that you purchase a smaller package, but still pay for the tool. People have worked hard to make Akismet and they should be rewarded. Here’s what you need to do to follow this route:
- Have your WordPress.com account ready (or create one here)
- Log into Akismet using your WordPress.com account
- Choose the spam protection package you want to use
- Install / activate your Akismet plugin in your WordPress install
- Get Akismet API key and insert it in Akismet WP settings
- All your comments should now go through Akismet filter
Here’s a very short (3+ mins) and a simple video on how to install and run Akismet spam protection plugin for WordPress. By the way, I wanted to thank the authors of this video for creating such a simple, professional and short video on the topic. Most other videos I looked at were close to 10 minutes long and were poorly done. Watch more videos like that at My Digital Dispatcher channel on YouTube.
In my experience, once your site gets better rankings these spam-bots start bombarding you with these automated WordPress spam comments. Good thing is that your site is probably doing well in Google, otherwise you wouldn’t have such a problem :). I hope these simple tips on WordPress spam comments protection for your site will help you. Consider leaving a comment or two if you’d like to share your experience.