How To Prevent WordPress Spam Comments With Smartness And Plugins

Spam comments is one of the biggest pain to a blogger and tacking them is part of our day-to-day life.  I have seen many new WordPress bloggers who shifted from BlogSpot find it hard to tackle the spam comments. Most of the time it’s because of the ignorance and awareness about spam comments. Earlier, I have shared an article on how a blogger should moderate blog comments, and this particular guide is for all WordPress blogger to learn about the settings which will help them to reduce spam comments on their blog. I will mention about anti-spam blog comment plugins later in this article, but first lets look at the WordPress settings which will help you to control spam comments to a great level.

Prevent WordPress Spam Comments

How to Configure WordPress Discussion settings to reduce spam comments:

WordPress gives you complete control on comment moderation. Spam filter will happen later, but first it’s your job to make sure that no comments should go live without moderation. Comments on your blog is valuable in many ways, such as:

  • Add value to the article: A good comment will add more points and improve the overall value of your blog post.
  • Trust factor: If your blog post gets good number of genuine and meaningful comments, that helps in increasing the trust factor of your blog.
  • Search engine ranking: I have done testing in the past where I have removed all comments on my old posts, and that drastically reduced the ranking of my posts. Having meaningful comments will increase the keyword density and variation, and thus helps in improved ranking of your blog.

Similarly, if you are not moderating your blog comments and spam comments are going live on your blog, you are more likely to see decreased ranking and your blog might be affected by Google penguin penalty. Even if you have made the mistake of approving spam comments in the past, you should edit old posts and remove all such comments from your blog. This also includes those comments like “nice post” “Good post” which doesn’t add any value to your articles.

I was helping one of my client with her blog SEO, and I realised she had Akismet plugin installed, but her WordPress discussion settings was not properly configured. Due to this, almost 2K+ spam comments were live on her blog, and one of the major reason of her blog lower ranking. This post is inspired due to her mistake, and we will look into WordPress discussion settings which you should configure for your WordPress blog to prevent WordPress spam comments and improve the comment moderation of your blog.

To get started with it; login to your WordPress dashboard, and click on Settings > Discussion and configure them as mentioned below. Do read the details, so that you also learn what you are doing:

Default Article settings:

WordPress Default article settings

This is the first section of WordPress discussion settings, and here you should uncheck the second option which says “Allow link notifications from other blogs (pingbacks and trackbacks)“. Since I don’t find trackback and ping backs to be very useful in terms of adding value, I keep this option as unchecked. If you have accidentally approved trackbacks in the past, you can read this guide to delete all previously approved trackbacks.

Other comment settings:

WordPress Comment settings

This is another straight forward settings, where you can simply copy the settings as shown below. If you run a membership site or a site where you want only registered users to comment on your blog, yo should check the second option “

Before a comments appear:

Before WordPress comment appears

This is the most important settings to ensure that no comments goes live without moderation. This is to ensure that you have complete control over your blog comments, and only manually approved comments should go live. I have WordPress for iOS app on my iPhone, which is very helpful to keep moderating comments while I’m away from my laptop. If you are one of those blogger who like to instantly moderate a comment, I recommend you to install WordPress App on your smartphone and moderate comments from everywhere you go.

Comment moderation and blacklist:

WordPress Comment spam battle

This section is very useful to tackle spam comments on your WordPress blog. So far, from all the above settings we have already set that no comments should go live without moderation. If you have selected the option where commentators comment will automatically approved if commentator has earlier approved comment, you can further put a spam check with comment moderation and blacklist settings. With comment moderation settings, you can put any comment for hold if it has more than “X” number of hyperlinks. Where X could be any number. In my case, I have set it up X as 1. Similarly, you can also hold a comment based on Word match. I don’t explicitly use this feature, as this causes many genuine comments to land into spam or moderation queue. For now, I have used only following words which you can see in above picture.

With above settings, you will be able to have complete control of WordPress comments moderation. This not necessarily prevent your blog from spam comments, as we need to use anti-spam comments WordPress plugins to check all comments in moderation queue for spam.

Some of the best WordPress Comments Anti-spam plugins:

Once you have set up your WordPress blog for moderating all comments, now it’s time to add measures which will automatically filter spam comments. So far, I haven’t seen a single WordPress blog anti-spam comment plugin which can prevent 100% of spam. So, be sure that some manual work is always require to ensure your blog is spam free. Now, there are numerous WordPress anti-spam plugins which you can use, but I’m naming two that I use on ShoutMeLoud:


WordPress Spam comments

Akismet is an official plugin by WordPress parent company Automattic and is the first plugin which you will be needing to prevent spam comments on your WordPress blog. To enable this plugin, you need to get an API key. You can read this guide to learn and understand how to acquire API key for Akismet plugin.

Growmap Anti Spambot plugin:

GASP Antispam plugin WordPress

This is another WordPress Antispam plugin which I use along with Akismet. This plugin offers multiple option to battle comment spam on your blog. The best part is, this plugin stops automatic comment spam to a great level. You can find complete details about G.A.S.P plugin on official download page over here.

If you are being bombarded with spam comments from any particular I.P. , you can use this .htaccess method to prevent spam bombing on your blog. Along with above two plugins, I also use Wangguard plugin to prevent spam registration on my blog. This is a free plugin and one of the best I have found for preventing spam registration on WordPress blog. You need to use it only if you have allowed user registration on your blog.

This is what I use to ensure only valuable comment goes live on my blog, and if you use any other technique or want to share any other anti-spam comment WordPress plugin, let me know via comments. If you enjoyed this article, do consider sharing it with your friends on Facebook and Google plus.

Subscribe on Youtube

Article By
Harsh Agrawal is a blog scientist and a passionate blogger. He is blogging since 2008 & writes about Blogging, SEO, Make money online & tech. His blog, ShoutMeLoud receives 1 million Pageviews/month and have over 700K subscribers.


COMMENTs ( 10 )

  1. Augustus says

    Thanks for sharing this tips, During my first week on WordPress, I nearly got frustrated, because I had to manually delete hundreds of spam messages, until I read about Akismet and had it installed on my blog, but recently I noticed Akismet needs you to clear out spam messages once it reaches about hundred or so, else it will start showing spam comment in the moderations page, which means the accuracy has reduced.

    My question is, why do people spam? I mean, the eventually know, the blog owner won’t publish their comment, isn’t that a total waste of time that could be used for something more productive?

    • says

      The thing is spams are automated, and needs very little manual work. So, people don’t mind using it for their short-term advantage. As a legit blog site owner, what you can do is; put all reliable measures to keep spam away from your blog.

    • manindra says

      Some spammers do this to increase backlinks for their site or provide services for increasing backlinks. some hackers send link comments to compromise your blog. some spammers are for fun they write a program that automatically create a comment and the will do this to test their programming skills

  2. Gaurav Heera says

    Hello Harsh,

    Thanks for posting this article, one of my client was disappointed with spam comments on wordpress and i was unable to resolve because i did not know about Akismet, but now i have installed Akismet on their wordpress blog and now waiting for his reply.

    thanks and regards
    Gaurav Heera

  3. Naziman Azlye says

    I’m using “Stop Spammer Registrations Plugin”. It works at my blog. Before using this plugin, i get 100 everyday in spam folder but after i install this plugin 1 or 2 spam comment in one weeks. The best plugin to prevent spam comments for now, i think.

  4. says

    Why not deny access to no referrer requests via .htaccess? Simple, easy and one plugin less. When your readers comment, the wp-comments-post.php file is accessed, does its thing, and creates the post. The user’s browser will send a “referral” line about this.

    When a spam-bot comes in, it hits the file directly and usually does not leave a referrer. This allows for some nifty detection and action direct from the server. If you are not familiar with Apache directives, then write the following in your root directory .htaccess file::

    RewriteEngine On
    RewriteCond %{REQUEST_METHOD} POST
    RewriteCond %{REQUEST_URI} .wp-comments-post\.php*
    RewriteCond %{HTTP_REFERER} !.** [OR]
    RewriteCond %{HTTP_USER_AGENT} ^$
    RewriteRule (.*) http://%{REMOTE_ADDR}/$ [R=301,L]

    In the 4th line, change to your without the www or any prefix for that matter.

  5. says

    yes i will follow the tips I also want to know i am getting too much login attemps in my site from different ips how can i prevent like in one day i got aprox 10 login attemps all are from different ips how can i prevent my site from those login attempts?

  6. rahul says

    I installed Aksimet Plugin but I never paid attention to discussion setting , time to work on this. I am new to worpress so i am learning a lot these days about plugins and how to secure worpress, and I get almost all the solution at “Shoutmeloud” :)