Plugins to Permanently Stop Spam on Your WordPress Blog

Published Nov 28, 2013 by James Parsons in Tools
The views of contributors are their own, and not necessarily those of

If you fail to set up WordPress properly, there’s probably a good chance you’re going to be bombarded with spam comments every day. Aside from comments, these spammers will also take advantage of your registration process and even attempt to email you with messages you don’t have the time for.

However, if you have the right plugins in place, you can slowly kiss that spam goodbye and focus on the more important things in life like your content and marketing efforts.

While it isn’t recommended that you download every anti-spam plugin on the list below, it’s best you pick out the ones you feel fits best with your blog’s theme.



With every default WordPress install, Akismet comes included. However, you will have to create an account and get an API key before it actually works. With millions of users using this plugin, this free, complex filtering engine will keep track of all the comments on your blog. Using the data it compiles, it will be able to automatically send a comment to the spam folder before it even hits your pending or approved comment folder. While this plugin is extremely accurate, there will be times when a reputable comment gets marked as spam from time to time.

AVH First Defense Against Spam

AVH First Defense Against Spam

Before any content is even served to your website visitors, AVH First Defense will have the ability to distinguish a bot from an actual human visitor. This plugin will use a local blacklist of IP addresses and information supplied by third parties to fight off the unnecessary spam. This database is updated in real-time, gathering data from other WordPress users, allowing it to be fairly accurate.

Bad Behavior

Bad Behavior

The great thing about Bad Behavior is that it can often prevent robots from even accessing your website in the first place. While most of other plugins try to stop the robots when they submit the comment, Bad Behavior is going stop them before they even attempt to spam you. Aside from this, it can also help keep your website’s loading time fast and keep your logs free and clear.

Defensio Anti-Spam

Defenseio Anti Spam

This advanced web spam filtering tool will learn and adapt to your users’ behavior. Aside from filtering spam, Defensio Anti-Spam can help with detecting malicious content, filtering profanity and detecting potentially threatening scripts.

Fast Secure Contact Form

Fast Secure Contact Form

Unfortunately, spam is going to attack other places like your contact form. When these bots get on your contact page, they will simply email you the spam instead of posting it as a comment. In the past, these bots could crawl your email address and quickly add you to an email list that bombarded you with spam. Thankfully for the Fast Secure Contact Form, this plugin includes CAPTCHA and Akismet to block spammers before they send you a message. It’s also a quick way for users to send you a message instead of opening up their email client.



Most anti-spam plugins on the web often incorporate the CAPTCHA technology. However, Growmap takes a simpler approach. When a user submits a comment, Growmap will simply ask them to check a box confirming they aren’t a spammer. Since most bots can’t read javascript, more than 99 percent of the bots out there won’t be able to make it past this verification point. As long as that box isn’t checked, the comment will never make it to your dashboard.

Peter’s Custom Anti-Spam

Peter's Custom Anti-Spam

With Peter’s Custom Anti-Spam, a user will be asked to identify a random word that is presented inside of an image. If the user fails to identify this word, your website won’t be able to accept the comment. This random word, unlike other CAPTCHAs, is easy to read, easy to translate and is very versatile.

Spam Stopper

Spam Stopper

The plugin Spam Stopper does just what it says it will do, and it does a good job at it. Using the WP-reCAPTCHA technology, users will have to input a word to successfully submit their comment. If the plugin detects a spam comment, it will stop it immediately. This plugin is extremely easy to setup and use. Even though it hasn’t been updated for more than two years, users still find it effective.

WangGuard Plugin

Wanguard Plugin

This advanced plugin is designed for blogs that allow their users to register. Whenever a user registers, WangGuard will determine if it’s an actual user or a bot. If it’s a bot, it will automatically delete the user and clear your database. If your blog receives more than 500 registrations a day, then you will have to pay $200 per month. However, if you stay under this number, it’s free for personal use.

WP Hashcash

WP Hashcash

Even though this is another plugin that hasn’t been updated in years, it still works like a charm. Working just like Growmap, WP Hashcash uses a obfuscated javascript piece of code that indicates that a human opened your website, not a robot. If the plugin determines that a robot did open your website, it will give the administrator three options: you can put it into moderation, the askismet queue or it can be deleted.



The plugin WP-reCAPTCHA uses a creative system that uses a special word combination for its CAPTCHA, instead of a character-based system that is often flawed and can be easily hacked. Instead of generating random characters that can be picked up by bots or frustrate the user, the reCAPTCHA will take parts of a word from a digital library. When a handful of users solve the “unknown” word, the system will be able to store that word inside of the digital library, helping them digitize books. This particular software is being used by Facebook and Twitter.

Strategies to Implement Outside of Plugins

While the plugins noted above can get the job done 99 percent of the time, there are some things that you can do to fight spam one step further:

#1 Default Article Setting

When creating an article on your blog, make sure that you cut out pingbacks and trackbacks. Most of the time, these won’t be necessary and are ways to alert you when a website links to you. Sadly, most of these links are spam.

#2 Comment Settings

As a default setting, WordPress will ask users to simply offer them with a name and email address. However, if you take it one step further and make them register, this can cut your spam down significantly. Before you do this though, just keep in mind that it may prevent legitimate visitors who want to comment because they don’t want to go through the lengthy process.

#3 Before a Comment Appears

Whenever anyone leaves a comment, always make sure that you approve it manually. If this seems like a lot of work, you may want to consider letting approved people who posted a comment in the past not have to go through the moderation process again.

#4 Blacklist

Lastly, if you’re noticing spam getting through the cracks, pick out keywords from the spam comment and add it to your comment blacklist. That way, when a comment comes through with those keywords, it will automatically go to the spam folder.

In the end, by taking the initiative to download the right plugins and manage your comments properly, you should be able to cut down on your spam comments quite a bit. Remember though, you’re going to want to limit your plugin installations because this can increase your load time and potentially harm your user experience.

Written by James Parsons

James Parsons

James Parsons is a blogger and marketer, and is the CEO of Pagelift. When he isn’t writing at his personal blog or for HuffPo, Inc, or Entrepreneur, he is working on his next big project.

Join the Discussion

Featured SEO Service

Get Social Shares on
Each New Blog Post

Blog like a pro and get real human shares as soon as you publish

Trending Posts