: How to prevent common spam on a WordPress blog Right from the day I installed WordPress on my site, I started getting spam comments/trackbacks. I have also prevented anonymous comments. I get

@Deb1703797

I have installed Akismet on my blog and the spam has dramatically reduced. I was getting 5+ spam comments a day now I have only had one this month. There are bots that just crawl around and post spam everywhere.

Vote Up Vote Down

@Nimeshi995

First off - it is near impossible to ensure 100% spam is never received on a public site that allows user submission, the best you can hope for is lowering it as much as you can.... Spam prevention is like a car alarm, it lowers the chances of becoming a victim.

There is hundreds of guides on the net but here's 5 solutions:, I personally just remove the footprints and wam! 99.9% gone.

Captcha

Using a Captcha service on your site can lower the amount of spam you receive but ultimately good spammers use de-captcha api service that costs as little as [CO].01 per a decode.

Akismet

Akismet is a good service but sadly some slip though and sometimes even good messages can be flagged as spammy when they are not. I personally would use it, but it doesn't address the actual issue of how the spammers are finding you...

Removal of Footprints

This the most ignored factor and in my honest opinion the best way for a 'normal' site to avoid spam. Spammers don't have a magic list or scrape every site on the planet to find comment fields, they use search engines to find your comment fields. So you can put a stop to this by removing commonly used footprints.

Such as... footprints like:

"Leave a Comment"
"Leave a Response"
"Powered by WordPress"


By removing the above you can stop a lot of spammers finding your site, in order to understand what I'm talking about try this in Google:


Web Design + "leave a reply" + "Powered by WordPress" -"comments
disabled"


This will report back Web Design sites, that have a comment box, is powered by WordPress, and does not have comments disabled. Spammers often use scraper bots such as scrapebox to find victims and they use digital footprints.

Renaming of fields

Automated software will often find named input fields, simply renaming these fields can help you confuse their bots.

For example:

<form action="comment">
Name <input type="text" name="name">
Email <input type="text" name="email">
Site <input type="text" name="site"
<input type="submit" value="Submit">
</form>


You could change this too:

<form action="comment">
Name <input type="text" name="RandomString">
Email <input type="text" name="RandomString">
Site <input type="text" name="RandomString">
<input type="submit" value="RandomString">
</form>


As many automated software use standard things such as name="email" and so on.

Removing URL field, and putting URLs straight into spam box

Another simple method of preventing spam or least lowering it, is to remove the URL field from being accessible as well as throwing all comments with URLS in the text field into the spam box.

Vote Up Vote Down

@Barnes591

I would recommend you to use a free captcha service like SweetCaptcha wordpress.org/extend/plugins/sweetcaptcha-revolutionary-free-captcha-service/
You can also use an external service to manage your comments like Disqus wordpress.org/extend/plugins/disqus-comment-system/

Vote Up Vote Down

@Candy875

I have good experiences with requiring people to first login before posting a comment. I would also recommend Akismet, but my company is for my own business and Akismet is only free for non-commercial use.

Vote Up Vote Down

@LarsenBagley505

I would recommend you to install and enable Akismet: wordpress.org/extend/plugins/akismet/
Akismet checks your comments against the Akismet web service to see if they look like spam or not and lets you review the spam it catches under your blog's "Comments" admin screen.

Vote Up Vote Down