If you fail to set up WordPress properly, there’s probably a good chance you’re going to be bombarded with spam comments every day. Aside from comments, these spammers will also take advantage of your registration process and even attempt to email you with messages you don’t have the time for.
However, if you have the right plugins in place, you can slowly kiss that spam goodbye and focus on the more important things in life like your content and marketing efforts.
While it isn’t recommended that you download every anti-spam plugin on the list below, it’s best you pick out the ones you feel fits best with your blog’s theme.
With every default WordPress install, Akismet comes included. However, you will have to create an account and get an API key before it actually works. With millions of users using this plugin, this free, complex filtering engine will keep track of all the comments on your blog. Using the data it compiles, it will be able to automatically send a comment to the spam folder before it even hits your pending or approved comment folder. While this plugin is extremely accurate, there will be times when a reputable comment gets marked as spam from time to time.
AVH First Defense Against Spam
Before any content is even served to your website visitors, AVH First Defense will have the ability to distinguish a bot from an actual human visitor. This plugin will use a local blacklist of IP addresses and information supplied by third parties to fight off the unnecessary spam. This database is updated in real-time, gathering data from other WordPress users, allowing it to be fairly accurate.
The great thing about Bad Behavior is that it can often prevent robots from even accessing your website in the first place. While most of other plugins try to stop the robots when they submit the comment, Bad Behavior is going stop them before they even attempt to spam you. Aside from this, it can also help keep your website’s loading time fast and keep your logs free and clear.
This advanced web spam filtering tool will learn and adapt to your users’ behavior. Aside from filtering spam, Defensio Anti-Spam can help with detecting malicious content, filtering profanity and detecting potentially threatening scripts.
Fast Secure Contact Form
Unfortunately, spam is going to attack other places like your contact form. When these bots get on your contact page, they will simply email you the spam instead of posting it as a comment. In the past, these bots could crawl your email address and quickly add you to an email list that bombarded you with spam. Thankfully for the Fast Secure Contact Form, this plugin includes CAPTCHA and Akismet to block spammers before they send you a message. It’s also a quick way for users to send you a message instead of opening up their email client.
Peter’s Custom Anti-Spam
With Peter’s Custom Anti-Spam, a user will be asked to identify a random word that is presented inside of an image. If the user fails to identify this word, your website won’t be able to accept the comment. This random word, unlike other CAPTCHAs, is easy to read, easy to translate and is very versatile.
The plugin Spam Stopper does just what it says it will do, and it does a good job at it. Using the WP-reCAPTCHA technology, users will have to input a word to successfully submit their comment. If the plugin detects a spam comment, it will stop it immediately. This plugin is extremely easy to setup and use. Even though it hasn’t been updated for more than two years, users still find it effective.
This advanced plugin is designed for blogs that allow their users to register. Whenever a user registers, WangGuard will determine if it’s an actual user or a bot. If it’s a bot, it will automatically delete the user and clear your database. If your blog receives more than 500 registrations a day, then you will have to pay $200 per month. However, if you stay under this number, it’s free for personal use.
The plugin WP-reCAPTCHA uses a creative system that uses a special word combination for its CAPTCHA, instead of a character-based system that is often flawed and can be easily hacked. Instead of generating random characters that can be picked up by bots or frustrate the user, the reCAPTCHA will take parts of a word from a digital library. When a handful of users solve the “unknown” word, the system will be able to store that word inside of the digital library, helping them digitize books. This particular software is being used by Facebook and Twitter.
Strategies to Implement Outside of Plugins
While the plugins noted above can get the job done 99 percent of the time, there are some things that you can do to fight spam one step further:
#1 Default Article Setting
When creating an article on your blog, make sure that you cut out pingbacks and trackbacks. Most of the time, these won’t be necessary and are ways to alert you when a website links to you. Sadly, most of these links are spam.
#2 Comment Settings
As a default setting, WordPress will ask users to simply offer them with a name and email address. However, if you take it one step further and make them register, this can cut your spam down significantly. Before you do this though, just keep in mind that it may prevent legitimate visitors who want to comment because they don’t want to go through the lengthy process.
#3 Before a Comment Appears
Whenever anyone leaves a comment, always make sure that you approve it manually. If this seems like a lot of work, you may want to consider letting approved people who posted a comment in the past not have to go through the moderation process again.
Lastly, if you’re noticing spam getting through the cracks, pick out keywords from the spam comment and add it to your comment blacklist. That way, when a comment comes through with those keywords, it will automatically go to the spam folder.
In the end, by taking the initiative to download the right plugins and manage your comments properly, you should be able to cut down on your spam comments quite a bit. Remember though, you’re going to want to limit your plugin installations because this can increase your load time and potentially harm your user experience.