How to stop WordPress Blog Comment Spam

I have recently been plagued with Blog Comment spam on this WordPress powered Blog. The Comment spam takes the form of comments on posts containing links to poker/pharmaceutical/whatever sites – the point being that if the comments are published, the sites will gain another external link and rise in search engine rankings.

I moderate all comments on this blog so nothing gets published without my approval. Hence, the spam comments are never published, but I have to wade through them to find genuine comments and then delete the spam – this process is, at best, tedious and at worst, a pain in the … neck.

I searched for ways around this and found a nice WordPress plug-in called WPBlacklist. This plug-in has a very comprehensive configuration and, at first, worked very well. However, more recently, it was causing errors on the site whenever someone tried to make a legitimate comment.

I was alerted to this by Michele and he pointed me towards another plug-in for helping with blog comment which he finds useful. This one works on the basis of checking for links in the blog to Spam identified sites – it sounded promising, so I tried it. Again I was disappointed because I was still receiving many emails notifying me of comments (most of which were spam) and then I had to delete these comments.

Finally, I came across a post by Fahim Farook – the developer of the WPBlacklist plug-in that I had the trouble with previously. In his post, though, he recommends re-naming the WordPress comments file – and references to it.

This sounds like a beautifully simple way to overcome this problem. It should stop most automated comment scripts. I am trying this solution now – I renamed the file and the reference I found to it in the index file. I’ve also re-named some of the variables in the comments file (specifically the $comment_author_url and $comments variables). I haven’t tested it extensively yet, but so far, so good – and no comment spam has come in since I did this! Here’s hoping!

3 thoughts on “How to stop WordPress Blog Comment Spam”

  1. I have found Farook’s Blacklist to be the best – even better than MT blacklist. Some still get through but the vast majority are dealt with – I used to get up to 1000 comment spam per day. Now I get maybe 10.

    The errors you are experiencing are something i came across. It might be because you checked the box saying
    “Harvest information from deleted comments to add to blacklist”
    This had the effect of blocking large numbers of my regular commenters. I simply deleted the blacklist in SQL and started again. Now everything works great – and I import from Jay Allen regularly.

  2. Hi Tom,
    I had nearly the same problems wit Spamming as you mentioned. I first did put in a secret hidden input field in the input mask of the comment form and only let in comments that came from this form, but now it seems its not working anymore. My blacklist has nearly 200 words in it and anyway I get spam comments…
    I will try the solution mentioned by you. Thanks for the info…
    Regards from switzerland

  3. Hi Gilbert, things have moved on a bit a bit since I posted this post.

    I upgraded the blog to WordPress 1.5 and I am now only using my .htaccess file and my Blacklist to stop spam and it appears now to be working very well. My blacklist is very short – I can send it to you, if you wish.

    I have also installed Referrer Karma to minimise referrer spam and I think this is helping block a lot of the comment spammers as well.

Comments are closed.