How to block WordPress spam comments? Optional illustrations with built-in functions, spam plugin, CAPTCHA and WAF

As an open source CMS content management system, WordPress is favored by many webmasters. But the annoying thing about this out-of-the-box CMS system is that it has to deal with a lot of spam comments. Fortunately for

, you can block and filter out 99% of spam comments by installing plug-ins, some tricks or settings. As webmasters, we should not waste time managing spam comments, but should focus on managing website content. Too many spam comments on

can damage your website. It may affect your search engine rankings, affect the experience of your site’s comment users, and may even lead to site security risks. Therefore, it is well worth your time to shut out this “rubbish” through some strategies.

, how do you block WordPress spam comments? There are five ways:

  1. uses WP built-in function to block spam comments 7 ways
  2. uses plug-ins to block WordPress spam comments
  3. uses CAPTCHA to block WordPress spam comments
  4. uses third-party comment system to take over WP comment function
  5. uses Web application firewall to block WordPress spam comments

use WP Seven ways to intercept spam comments by setting the function,

, let’s explain it in detail first. How to use the built-in features of WordPress to block spam comments. There are seven ways to block spam comments using WP’s built-in features: the first thing

should do to fight WordPress spam comments is to set up WordPress comments. You can do this through the WordPress dashboard, “Settings”-“discussion”.

How to block WordPress spam comments? Optional illustrations with built-in functions, spam plugin, CAPTCHA and WAF1Discuss the setup interface

here, you can:

  1. completely disable comments
  2. turn off anonymous comments
  3. enable comment review
  4. only allow comments from logged-in users
  5. create blacklisted word lists
  6. reduce or disable links in comments
  7. disable comments on individual posts

you can also disable comments on individual posts through the article editing interface. Let’s explain each method one by one.

1. Completely disable the comment function

, which is one of the laziest ways. Maybe your site doesn’t need to use comments at all, so just disable them in order to protect yourself from spam. One of the easiest ways to do this is to uncheck the “allow others to comment on new articles” option under Settings & gt; discussions. As shown in the following figure:

How to block WordPress spam comments? Optional illustrations with built-in functions, spam plugin, CAPTCHA and WAF2

Disable comment function

this will close comments on all new articles. You can also close pingback.

, please note that the article you have published does not close the comment. If you want to turn off these features, you need to do this for each article separately. We’ll talk about that later. When

is finished setting up, scroll to the bottom of the screen and click the Save changes button. All comments will now be disabled.

2. Turn off Anonymous comment

another option is to turn off Anonymous comment. WordPress asks visitors to provide four pieces of information: comments, nicknames, emails and websites.

will not need to fill in this information if anonymous comments are enabled. There will be an influx of spam comments on your website. To disable anonymous comments in WordPress,

simply check theSettings & gt; discussioninterface at the back of the WP dashboard and check the “” option.

How to block WordPress spam comments? Optional illustrations with built-in functions, spam plugin, CAPTCHA and WAF3

Turn off anonymous comments

this will make it more difficult for zombies to comment automatically (most spam comments come from zombies), but it’s not impossible. It may also prevent people from making malicious comments.

3. Enable comment Review

in my opinion, if your WordPress site if the real comments are not very frequent, or if you enable comment review is a good way.

starts with the ability to manually approve each comment. While this does not reduce spam comments, it ensures that visitors to your site only see high-quality comments that you have approved. The second one in

is the comment review rules. For example, if a comment contains a certain number or more links, you can automatically retain the comment. You can also create a list of words, names, URL,IP, etc., and comments that match these list rules should also be retained for review.

you can also set up an email to let you know when there are comments waiting for review.

  • to review all comments, please select comments must be manually approved. In order for
  • to review comments from new commentators, please select the author who has previously passed the review. For
  • to receive an email waiting for review comments (importantly, you can review and quickly approve or discard it), please select “notify me by email …” When there are comments waiting for review “option.

How to block WordPress spam comments? Optional illustrations with built-in functions, spam plugin, CAPTCHA and WAF4

Enable comment review

4. Only allow logged-in users to comment

if you want to further restrict the number of people who can comment, you can choose to allow comments only from the login site. If your site is a social networking site and you want to encourage visitors to comment, but shut out other commentators, you can do so.

To do this, in the “other comment Settings” section, select the “users must register and log in to comment” option.

How to block WordPress spam comments? Optional illustrations with built-in functions, spam plugin, CAPTCHA and WAF5

Allow logged-in users to comment

you also need to consider the settings for user registration-will you allow anyone to register or audit registration? You can access the registration settings by going to Settings & gt; General.

5. Create a list of blacklisted words

if you want to allow comments but do not want to comment on specific topics, you can set up a list of blacklisted words. This will include words commonly used by spam commentators, as well as words that you don’t want to appear on your site in relevant places, such as online dating.

if you do not want to mention or link to competing ​​ competitors’ products or websites, you can also include these products or websites (although please be careful not to go too far).

to create a list of blacklisted words, go to the comment blacklist field and enter a blacklisted word or phrase, one for each line. They don’t have to be limited to words: they can contain an e-mail address, a website URL,IP address, or anything you want to include.

How to block WordPress spam comments? Optional illustrations with built-in functions, spam plugin, CAPTCHA and WAF6

Create a blacklist of comments

you can improve your productivity by using the list of common words for spam comments provided by the open source community, which has compiled a large list of words. But personally, it would be wiser to check the list first and choose the words that suit you, because they may contain words that you don’t want to ban.

if you don’t want to completely ban comments that contain these words, but rather want to review them, simply add the list to the comment Review list. In this way, any comments that use these words will be retained for review, rather than being judged directly as spam. Alternatively, you can use a combination of the two, using some words in one field and some words in another field.

spam comments usually contain links because they are posted to attract visitors to click on links to increase traffic on these linked sites. You can completely ban comments with links, or you can reduce the number of links allowed in comments. In the comment Review section,

sets the number of comment links that need to be reviewed. To allow a link, use 2, or if any comment with a link needs to be reviewed, select 1.

or, if you want to allow comments with multiple links, select a larger number.

How to block WordPress spam comments? Optional illustrations with built-in functions, spam plugin, CAPTCHA and WAF7

Reduce the number of comment links
Comments with more

links than allowed by ​​ will be reviewed by the administrator before they can be posted.

7. Disable comments on individual articles

if you have posted an article before you disable WordPress comments, or if you only want to prohibit visitors from commenting on a specific article, you need to set it in the relevant article editing interface.

this feature is useful if you are posting articles on controversial topics, or if your articles attract a lot of spam comments.

goes to all articles, finds the article you want to edit, and then clicks its name to open the article editing interface.

finds the discussion tab and opens it. Uncheck allow comments to disable comments on the article. (note: traditional editor and Gutenberg editor may be different, Gutenberg editor, you need to find the discussion options settings under the document)

How to block WordPress spam comments? Optional illustrations with built-in functions, spam plugin, CAPTCHA and WAF8

Article Editing Interface-discussion Settings

saves the changes to the article by clicking the Update button, and the article will no longer display or enable comments.

uses plug-ins to intercept WordPress spam comments

. If you feel that WordPress comment settings are not enough to meet your needs, or that such settings are too troublesome, you can install plug-ins to manage comments for you. This means that you can keep comments enabled on your site, but prevent spam and have the best of both worlds.

here are some plug-ins that can be used to block WordPress spam comments.

Akismet

is believed to be the most familiar plug-in. By default, every WordPress installation includes the Akismet plug-in, which is developed by the Automattic team. It analyzes data from millions of sites and communities in real time and protects your WordPress site from spam comments.

is one of the best WordPress plug-ins, personal sites are completely free, and commercial sites start at $5 / month. Check out the article “WordPress must-install spam intercepting plug-in Akismet” for more information about Akismet.

How to block WordPress spam comments? Optional illustrations with built-in functions, spam plugin, CAPTCHA and WAF9

Akismet plug-in

currently has more than 5 million active installations of the plug-in, thanks in large part to its installation as the default plug-in for WordPress. You can download Akismet from the WordPress plug-in library, or you can search for installation in the “plug-in” & gt; “install plug-in” in the WordPress dashboard (WordPress installation is already provided by default, unless you have deleted it).

this plug-in has a long history of setting up spam rules and filters to ensure that you see that comments are not spam.

if you run a commercial website, you need to pay an Akismet license fee, but it is free for personal blogs. The plug-in is very powerful and can block more than 99% of spam comments on WordPress sites.

Disable Comments

Disable Comments is another free WordPress plug-in, and unlike Akismet, the main function of this plug-in is to let you disable comments on articles globally. If you don’t want to use the comment feature on your WordPress site, this plug-in can help you do it quickly.

How to block WordPress spam comments? Optional illustrations with built-in functions, spam plugin, CAPTCHA and WAF10

The Disable Comments plug-in

uses the plug-in to remove comment links

you can add code to your WordPress site to quickly remove WordPress commentator links. Of course, in general, this is not recommended. Because, the consequence of this is that there may be no more comments on your site.

to do this, you can write a simple plug-in.

first creates a file for the plug-in in your wp-content/plugins directory and names it wbolt-comment-author-link.php or something.

then adds the following code to the plug-in file:


* Plugin Name: Remove Comment
Author Links Plugin URI: https://www.wbolt.com
Description: This plugin removes links to comment author websites, as a way of reducing the impact of comment spam.
Version: 1.0
Author: wbolt team
Author URI: https://www.wbolt.com
Textdomain: wbolt
License: GPLv2 * /
Function wbolt_remove_comment_author_link ($return, $author, $comment_ID) {
Return $author
}
Add_filter (‘get_comment_author_link’,’ wbolt_remove_comment_author_link’, 10,3)

Function wbolt_remove_comment_author_url () {
Return false
}

Add_filter (‘get_comment_author_url’,’ wbolt_remove_comment_author_url’);

function remove_website_field($fields) { unset($fields['url']); 
         return $fields; 
} 
add_filter('comment_form_default_fields', 'remove_website_field');

, you can also completely delete the URL address from the comment if necessary. Simply add this code to your plug-in:

saves the plug-in file and then enables the plug-in in the plug-ins-installed plug-ins list.

this plug-in may not be suitable for some topics, depending on how the comments feature is encoded. If your WordPress topic uses a standard comment form, it will work. If not, try looking at the code of the topic comment form to find the filter hook you are using.

if you have any questions, please use a third-party plug-in instead. And do not edit the theme file unless you developed the theme yourself, or you will lose your changes the next time you update the theme.

‘s other spam interceptor,

How to block WordPress spam comments? Optional illustrations with built-in functions, spam plugin, CAPTCHA and WAF11

Anti-spam plugin

Akismet, is by far the most popular spam blocker (largely because it’s pre-installed), but that doesn’t mean it’s unique. You can try the following options:

How to block WordPress spam comments? Optional illustrations with built-in functions, spam plugin, CAPTCHA and WAF12

WPBruiser plugin

Anti-spam is available in both free and paid versions, the paid plug-in provides spam checking on existing comments, and provides 24max 7 technical support.

How to block WordPress spam comments? Optional illustrations with built-in functions, spam plugin, CAPTCHA and WAF13

Antispam Bee plugin

WPBruiser {no-Captcha anti-Spam} uses algorithms to find spam comments, thus avoiding dependence on Captcha images.

How to block WordPress spam comments? Optional illustrations with built-in functions, spam plugin, CAPTCHA and WAF14

Spam protection, AntiSpam, FireWall by CleanTalk plugin

Antispam Bee, a free plug-in, can also prevent comment spam without sending your data to third-party websites.

How to block WordPress spam comments? Optional illustrations with built-in functions, spam plugin, CAPTCHA and WAF15

WordPress Zero Spam plugin

Spam protection, AntiSpam, FireWall by CleanTalk (the plug-in name is as long as a street) can be used not only with comments, but also with forms plug-ins including Contact Form 7 Gravity Form s and Mailchimp.

How to block WordPress spam comments? Optional illustrations with built-in functions, spam plugin, CAPTCHA and WAF16

All In One WP Security & Firewall plugin

WordPress Zero Spam is another plug-in that helps you avoid using CAPTCHA, and is also compatible with forms plug-ins including Contact Form 7 and Gravity Forms.

All In One WP Security & Firewall is an all-in-one security plug-in that also blocks spam comments.

plug-ins are designed to be compatible with the WordPress default comment form: if you use a third-party comment system, you need to use the anti-spam comment feature that comes with the system. If

thinks WP’s comment setting function is tedious, use the comment blocking plug-in to quickly solve your troubles! As far as the editor is concerned, the plug-in Akismet is sufficient. Of course, the needs of each website are different, which way should be used to deal with spam comments, should be tailored to local conditions, the right medicine.

uses CAPTCHA to intercept WordPress spam comments in the blogosphere of

abroad, especially like to use CAPTCHA CAPTCHA as a tool for intercepting spam comment robots. In the form of some form or question, to prove that the visitor is a real person, not a robot. There are many great plug-ins to help you implement this strategy into WordPress sites, and most of them are completely free.

Google Captcha (reCAPTCHA) by BestWebSoft

How to block WordPress spam comments? Optional illustrations with built-in functions, spam plugin, CAPTCHA and WAF17

reCaptcha by BestWebSoft

however, such validation methods are sometimes unfriendly, especially if you use the type of image that requires people to identify certain objects in it. However, more and more websites are using CAPTCHA fields with “I am not a robot” check box, which robots cannot fill in. When

talks about the CAPTCHA strategy, the first thing we should think of is Google’s CAPTCHA (or reCAPTCHA), which you can often see when visiting foreign websites (there is no way to use Google’s reCaptcha at home because of GFW). The reCaptcha provided by Google is probably one of the cleanest and easiest tools to use without compromising the user experience by asking confusing questions or displaying difficult letters.

you don’t want anyone to leave your site just because they’re confused about CAPTCHA. If your website is abroad, the editor specially recommends the Google Captcha (reCAPTCHA) by BestWebSoft plug-in.

the plug-in doesn’t have to let you read illegible letters, numbers or recognize elements in photos, but just asks users to tick a box to make sure they’re not robots. The box can only be checked manually, and the robot cannot do this check action.

you need to use Google’s Captcha API to register your website and select reCAPTCHA v2 as the check box, or reCAPTCHA v3 as the verification code to use JavaScript to check spam comments without any user action.

How to block WordPress spam comments? Optional illustrations with built-in functions, spam plugin, CAPTCHA and WAF18

Related reading: Invisible reCaptcha

, which is better than the WordPress anti-spam plug-in Akismet, registers Google reCAPTCHA

How to block WordPress spam comments? Optional illustrations with built-in functions, spam plugin, CAPTCHA and WAF19

for your website, and then you will get a Site Key and a private key, and then copy it to the plug-in settings interface on the site. And check “Comments Form” under the Enable ReCAPTCHA setting option, and finally click the “Save Changes” button. The

reCaptcha plug-in sets up

How to block WordPress spam comments? Optional illustrations with built-in functions, spam plugin, CAPTCHA and WAF20

now, when users try to add comments, they must first select “I’m not a robot” before they can participate in comments.

uses the Captcha plugin’s comment message

  • other features include:
  • it is also suitable for registration form, login form, reset password form and so on.
  • hides CAPTCHA from whitelisted IP.
  • has different theme styles.

supports multiple languages and RTL.

other ReCaptcha plug-ins

  • in addition to the Google Captcha (reCAPTCHA) by BestWebSoft above, there are many reCaptcha plug-ins available, some of which need to be used in conjunction with third-party plug-ins (such as forms plug-ins).
  • Cerber Security, Antispam & Malware Scan uses Google’s ReCaptcha to block spam comments and prevent other types of attacks.
  • Simple Google reCAPTCHA is designed to help you quickly add reCaptcha to your website.
  • Advanced noCaptcha & invisible Captcha (v2 & v3) can also use reCAPTCHA API v3 to add invisible CAPTCHA.

Stop Spammers aims to add Captcha to comments and other forms to prevent spam comments. The last two ways of

are to use a third-party comment system to take over the comment function of WP and to apply the firewall.

uses a third-party review system to take over the WP review function

in the first three methods do not meet your needs, you can also consider a more aggressive way is to abandon the WP native review system and replace it with a third-party review system plug-in.

We once used the Disqus platform on an overseas project, which can indeed block more than 99% of spam comments, and webmasters never take the time to clean up spam comments.

How to block WordPress spam comments? Optional illustrations with built-in functions, spam plugin, CAPTCHA and WAF21

Disqus Conditional Load

, however, it cannot be said that there is nothing wrong with Disqus. Because you have to pay to delete Disqus interface ads, otherwise this may affect the performance and user experience of your site.

if you want to use Disqus on your blog, we recommend using the free Disqus Conditional Load plug-in. This is developed by Joel James, and the most important feature of the plug-in is the delayed loading of comment content so as not to degrade the performance of the WordPress site.

installs and enables plug-ins and registers Disqus in a normal manner. This plug-in is more reliable than the official Disqus plug-in.

, an alternative to

  • Disqus, if you are uncomfortable with the way Disqus ads are placed, you can use other third-party comment plug-ins. Some of them have improved the built-in comment system, while others have replaced them directly.
  • Yoast Comment Hacks allows you to customize comments and add settings, such as forbidding comments below and above a certain length, redirecting first comments to the “thank you” page, and cleaning up comment notification emails.
  • The wpDiscuz plug-in claims to be the “best Disqus replacement plug-in”.
  • Super Socializer can add social comments to your site so that people can use their social media accounts to post comments.

The Jetpack plug-in includes a series of designs that provide some of the features of WordPress.com, including the use of Akismet to intercept spam comments.

uses Web application firewalls to block WordPress spam comments

to add Web application firewalls (WAF) such as Sucuri or Cloudflare can greatly reduce the number of spam comments received by WordPress sites.

, why? Because these services are located between your WordPress host and your website to block and filter all bad proxy traffic and robots. With them, you can even easily block the whole country.

WAF can also help reduce bandwidth and access times, thereby saving you monthly server hosting costs.

summary

WordPress comes with an out-of-the-box comment system, but sometimes there are some shortcomings in the system.

  • if you want to protect your site from spam comments, you need to take additional measures to stop it. These may be:
  • configures WordPress to block or review your comments.
  • installs third-party comments and spam blocking plug-ins.

creates your own plug-ins to prevent spam comments on your site.

at first, browsing WordPress spam comments can be annoying and frustrating. But now you have a variety of ways to permanently combat and prevent such spam comments.

Disclaimer: All articles on this website, unless otherwise specified or marked, are original and published on this website. Any individual or organization is prohibited from copying, stealing, collecting, or publishing the content of this site to any website, book, or other media platform without the consent of this site. If the content on this website infringes on the legitimate rights and interests of the original author, you can contact us for assistance.