An unfortunate problem that comes with having a popular blog is that you might start getting many spam comments. On one of our blogs we recently saw a jump from a few thousand spam comments being blocked each month to over 100,000 per month.
All these spam comments put a strain on the server so we need to find a solution to catch them and prevent them as early as possible.
The recommended plugins for you if you are looking to reduce spam comments on your blog are:
Akismet
Akismet checks your comments against the Akismet web service to see if they look like spam or not. It should be activated on all WordPress blogs as it is the staple spam blocker for such websites and does an excellent job. You’ll need an Akismet.com API key to use it. Keys are free for personal blogs, with paid subscriptions available for businesses and commercial sites.
Bad Behavior
If you feel Akismet is not enough, try adding Bad Behavior to the mix. Bad Behavior prevents spammers from ever delivering their junk, and in many cases, from ever reading your site in the first place. This keeps your site’s load down, makes your site logs cleaner, and can help prevent denial of service conditions caused by spammers.
Bad Behavior also transcends other link spam solutions by working in a completely different, unique way. Instead of merely looking at the content of potential spam, Bad Behavior analyzes the delivery method as well as the software the spammer is using. In this way, Bad Behavior can stop spam attacks even when nobody has ever seen the particular spam before.
Bad Behavior is designed to work alongside existing spam prevention services to increase their effectiveness and efficiency. Whenever possible, you should run it in combination with a more traditional spam prevention service like Akismet.
Project Honey Pot Spam Trap
This plugin automatically scatters invisible links to Project Honey Pot spam traps throughout your wordpress blog to help catch and stop spammers.
Project Honey Pot is the first and only distributed system for identifying spammers and the spambots they use to scrape addresses from your website. Using the Project Honey Pot system you can install addresses that are custom-tagged to the time and IP address of a visitor to your site. If one of these addresses begins receiving email Project Honey Pot not only can tell that the messages are spam, but also the exact moment when the address was harvested and the IP address that gathered it.
Download Project Honey Pot Spam Trap
WordPress Hashcash
WP Hashcash is an antispam plugin that eradicates comment spam on WordPress blogs. It works because your visitors must use obfuscated javascript to submit a proof-of-work that indicates they opened your website in a web browser, not a robot. If the javascript check fails, WP Hashcash now gives you three options; it can either put the comment into moderation (default), put the comment in the akismet queue, or delete it.
ZigTrap
ZigTrap adds a hidden field to your comments form, which humans will leave empty because they don’t know it’s there. Spam bots, however, will normally enter some content in it, and this springs the trap, causing WordPress to show a message and not save the comment at all.
SI Captcha Anti Spam
SI Captcha adds CAPTCHA anti-spam methods to WordPress on the forms for comments, registration, lost password, login, or all. It is fully configurable and a useful third barrier for spam comments if the other plugins mentioned above are not enough. Remember that adding a captcha to your site is also placing an extra hurdle for legitimate users, so think well before implementing a captcha system on your blog.
HTACCESS Hack
Adding the code below to your .htaccess file will stop bots with no user agents from posting and browsing directories, it’s a useful addition to combat spam.
[php]
RewriteEngine On
RewriteCond %{REQUEST_METHOD} POST
RewriteCond %{HTTP_USER_AGENT} ^$
RewriteRule .* – [F]
Options All -Indexes
Options +FollowSymLinks
[/php]
Those are our recommendations for reducing spam on your blog, do you have any other solutions? Let us know in the comments below!
If you enjoyed this post, make sure to subscribe to WPMayor’s RSS feed.
2 Responses
Excellent tip Andy! I think I’ll dedicate a whole post to CloudFlare shortly.
You should (if you havn’t already) check out CloudFlare. It’s an automatic part of every client web site I set up, and it has kept spam away from the hand full of sites that I manage.