As an open source CMS content management system, WordPress is favored by many webmasters. But the annoying thing about this out-of-the-box CMS system is that it has to deal with a lot of spam comments.
Fortunately, you can block and filter 99% of spam comments by installing plug-ins, some tricks or settings. As webmasters, we should not waste time managing spam comments, but should focus on managing website content.
Too many spam comments can damage your website. It may affect your search engine rankings, affect the experience of your site’s comment users, and may even lead to site security risks. Therefore, it is well worth your time to shut out this “rubbish” through some strategies.
So, how do you block WordPress spam comments? There are five ways:
- Seven ways to intercept junk comments using WP built-in functions
- Use plug-ins to intercept WordPress spam comments
- Use CAPTCHA to intercept WordPress spam comments
- Use a third-party comment system to take over the WP comment function
- Use the Web application firewall to block WordPress spam comments
Seven ways to intercept junk comments using WP built-in functions
Let’s start with a specific explanation of how to use the built-in features of WordPress to block spam comments. There are 7 ways to block spam comments using the built-in features of WP:
The first thing you should do to fight WordPress spam is to set up WordPress comments. You can do this through the WordPress dashboard, “Settings”-“discussion”.
Discuss the setup interface
Here, you can:
- Completely disable comments
- Turn off anonymous comments
- Enable comment review
- Only comments from logged in users are allowed
- Create a list of blacklisted words
- Reduce or disable links in comments
- Disable comments on individual posts
You can also disable comments on individual articles through the article editing interface. Let’s explain each method one by one.
1. Completely disable the comment function
This is one of the laziest ways. Maybe your site doesn’t need to use comments at all, so just disable them in order to protect yourself from spam. One of the easiest ways to do this is to uncheck the “allow others to comment on new articles” option under Settings & gt; discussions. As shown in the following figure:
Disable comment function
This will close comments on all new articles. You can also close pingback.
Please note that the article you have published does not close the comment. If you want to turn off these features, you need to do this for each article separately. We’ll talk about that later.
When you are finished setting up, scroll to the bottom of the screen and click the Save changes button. All comments will now be disabled.
two。 Turn off anonymous comments
Another option is to turn off anonymous comments. WordPress asks visitors to provide four pieces of information: comments, nicknames, emails and websites.
If anonymous comments are enabled, you will not need to fill in this information. There will be an influx of spam comments on your website.
To disable anonymous comments in WordPress, simply click in the WP dashboard background“Settings” & gt; “discussion”Interface, check ““option.
Turn off anonymous comments
This will make it more difficult for zombies to comment automatically (most spam comments come from zombies), but it’s not impossible. It may also prevent people from making malicious comments.
3. Enable comment review
In my opinion, if your WordPress site if the real comments are not very frequent, or enable comment review is a good way.
The first is the ability to approve each comment manually. While this does not reduce spam comments, it ensures that visitors to your site only see high-quality comments that you have approved.
The second is the review rules. For example, if a comment contains a certain number or more links, you can automatically retain the comment. You can also create a list of words, names, URL,IP, etc., and comments that match these list rules should also be retained for review.
You can also set up an email to inform you when there are comments waiting for review.
- To review all comments, the selected comments must be manually approved.
- To review comments from new commentators, select the comment author who must have previously passed the review.
- To receive an email waiting for review comments (importantly, you can review and quickly approve or discard it), please select “notify me by email …” When there are comments waiting for review “option.
Enable comment review
4. Only logged-in users are allowed to comment
If you want to further restrict the number of people who can comment, you can choose to allow comments only from users of the login site. If your site is a social networking site and you want to encourage visitors to comment, but shut out other commentators, you can do so.
To do this, in the “other comment Settings” section, select the “users must register and log in to comment” option.
Allow logged-in users to comment
You also need to consider the settings for user registration-will you allow anyone to register or audit registration? You can access the registration settings by going to Settings & gt; General.
5. Create a list of blacklisted words
If you want to allow comments but do not want to comment on a specific topic, you can set up a list of blacklisted words. This will include words commonly used by spam commentators, as well as words that you don’t want to appear on your site in relevant places, such as online dating.
If you do not want to mention or link to competitors’ products or websites, you can also include these products or websites (although please be careful not to go too far).
To create a list of blacklisted words, go to the comment blacklist field and enter a blacklisted word or phrase, one for each line. They don’t have to be limited to words: they can contain an e-mail address, a website URL,IP address, or anything you want to include.
Create a blacklist of comments
You can improve your productivity by using the list of common words for spam comments provided by the open source community, which has compiled a large list of words. But personally, it would be wiser to check the list first and choose the words that suit you, because they may contain words that you don’t want to ban.
If you do not want to completely ban comments that contain these words, but rather want to review them, simply add the list to the comment Review list. In this way, any comments that use these words will be retained for review, rather than being judged directly as spam. Alternatively, you can use a combination of the two, using some words in one field and some words in another field.
6. Reduce or disable links in comments
Spam comments usually contain links because they are published to attract visitors to click on links to increase traffic on these linked sites. You can completely ban comments with links, or you can reduce the number of links allowed in comments.
In the comment Review section, set the number of comment links that need to be reviewed. To allow a link, use 2, or if any comment with a link needs to be reviewed, select 1.
Or, if you want to allow comments with multiple links, select a larger number.
Reduce the number of comment links
Comments with more links than allowed by will be reviewed by the administrator before they can be posted.
7. Disable comments on individual articles
If you have posted an article before you disable WordPress comments, or if you only want to prohibit visitors from commenting on a specific article, you need to set it in the relevant article editing interface.
This feature is useful if you are posting articles on controversial topics, or if your articles attract a large number of spam comments.
Go to all articles, find the article you want to edit, and then click its name to open the article editing interface.
Locate the discussion tab and open it. Uncheck allow comments to disable comments on the article. (note: the traditional editor may be different from the Gutenberg editor, Gutenberg editor, you need to find the discussion option settings under the document)
Article Editing Interface-discussion Settings
Save the changes to the article by clicking the Update button, and the article will no longer display or enable comments.
Use plug-ins to intercept WordPress spam comments
If you feel that the WordPress comment settings are not enough to meet your needs, or if you think such a setting is too troublesome, you can install a plug-in to manage comments for you. This means that you can keep comments enabled on your site, but prevent spam and have the best of both worlds.
Here are some plug-ins that can be used to block WordPress spam comments.
Akismet
This plug-in is believed to be the most familiar. By default, every WordPress installation includes the Akismet plug-in, which is developed by the Automattic team. It analyzes data from millions of sites and communities in real time and protects your WordPress site from spam comments.
It is one of the best WordPress plug-ins, personal sites are completely free, and commercial sites start at $5 / month. Check out the article “WordPress must-install spam intercepting plug-in Akismet” for more information about Akismet.
Akismet plug-in
Currently, the plug-in has more than 5 million active installations, thanks in large part to the fact that it is installed as the default plug-in for WordPress. You can download Akismet from the WordPress plug-in library, or you can search for installation in the “plug-in” & gt; “install plug-in” in the WordPress dashboard (WordPress installation is already provided by default, unless you have deleted it).
The plug-in has a long history of setting up spam rules and filters to ensure that you see that comments are not spam.
If you run a commercial website, you need to pay an Akismet license fee, but it is free for personal blogs. The plug-in is very powerful and can block more than 99% of spam comments on WordPress sites.
Disable Comments
Disable Comments is another free WordPress plug-in, and unlike Akismet, the main function of this plug-in is to let you disable comments on articles globally. If you don’t want to use the comment feature on your WordPress site, this plug-in can help you do it quickly.
Disable Comments plug-in
Use plug-ins to remove comment links
You can add code to your WordPress site to quickly delete WordPress commentator links. Of course, in general, this is not recommended. Because, the consequence of this is that there may be no more comments on your site.
To do this, you can write a simple plug-in.
First create a file for the plug-in in your wp-content/plugins directory and name it wbolt-comment-author-link.php or something.
Then add the following code to the plug-in file:
/ * Plugin Name: Remove Comment Author Links Plugin URI: https://www.wbolt.com Description: This plugin removes links to comment author websites, as a way of reducing the impact of comment spam. Version: 1.0Author: wbolt team Author URI: https://www.wbolt.com Textdomain: wbolt License: GPLv2 * / function wbolt_remove_comment_author_link ($return, $author, $comment_ID) {return $author;} add_filter ('get_comment_author_link',' wbolt_remove_comment_author_link', 10,3); function wbolt_remove_comment_author_url () {return false } add_filter ('get_comment_author_url',' wbolt_remove_comment_author_url')
If necessary, you can also completely delete the URL address from the comment. Simply add this code to your plug-in:
function remove_website_field($fields) { unset($fields['url']); return $fields; } add_filter('comment_form_default_fields', 'remove_website_field');
Save the plug-in file, and then enable the plug-in in the plug-ins-installed plug-ins list.
This plug-in may not apply to some topics, depending on how the comments feature is encoded. If your WordPress topic uses a standard comment form, it will work. If not, try looking at the code of the topic comment form to find the filter hook you are using.
If in doubt, please use a third-party plug-in instead. And do not edit the theme file unless you developed the theme yourself, or you will lose your changes the next time you update the theme.
Other junk comment blocking plug-ins
Akismet is by far the most popular spam blocking plug-in (largely because it’s pre-installed), but that doesn’t mean it’s unique. You can try the following options:
Anti-spam plugin
Anti-spam is available in both free and paid versions, and the paid plug-in provides spam checking on existing comments and technical support for 24handle 7.
WPBruiser plugin
WPBruiser {no-Captcha anti-Spam} uses algorithms to find spam comments, thus avoiding dependence on Captcha images.
Antispam Bee plugin
Antispam Bee, a free plug-in, can also prevent comment spam without sending your data to third-party websites.
Spam protection, AntiSpam, FireWall by CleanTalk plugin
Spam protection, AntiSpam, FireWall by CleanTalk (the plug-in name is as long as a street) can be used not only with comments, but also with forms plug-ins including Contact Form 7 gravity Form s and Mailchimp.
WordPress Zero Spam plugin
WordPress Zero Spam is another plug-in that helps you avoid using CAPTCHA, and is also compatible with forms plug-ins including Contact Form 7 and Gravity Forms.
All In One WP Security & Firewall plugin
All In One WP Security & Firewall is an all-in-one security plug-in that also blocks spam comments.
These plug-ins are designed to be compatible with the WordPress default comment form: if you use a third-party comment system, you need to use the anti-spam comment feature that comes with the system.
If you think WP’s comment settings are cumbersome, use the comment blocking plug-in to quickly solve your troubles! As far as the editor is concerned, the plug-in Akismet is sufficient. Of course, the needs of each website are different, which way should be used to deal with spam comments, should be tailored to local conditions, the right medicine.
Use CAPTCHA to intercept WordPress spam comments
In foreign blog circles, they especially like to use CAPTCHA CAPTCHA as a tool to intercept spam comment robots. In the form of some form or question, to prove that the visitor is a real person, not a robot. There are many great plug-ins to help you implement this strategy into WordPress sites, and most of them are completely free.
However, such validation methods are sometimes unfriendly, especially if you use the type of image that requires people to identify certain objects. However, more and more websites are using CAPTCHA fields with “I am not a robot” check box, which robots cannot fill in.
Google Captcha (reCAPTCHA) by BestWebSoft
reCaptcha by BestWebSoft
When it comes to CAPTCHA strategy, the first thing we should think of is Google’s CAPTCHA (or reCAPTCHA), which you can often see when visiting foreign websites (Google’s reCaptcha is not available at home because of GFW). The reCaptcha provided by Google is probably one of the cleanest and easiest tools to use without compromising the user experience by asking confusing questions or displaying difficult letters.
You don’t want anyone to leave your site just because they’re confused about CAPTCHA. If your website is abroad, the editor specially recommends the Google Captcha (reCAPTCHA) by BestWebSoft plug-in.
The plug-in does not require you to read illegible letters, numbers or identify elements in photos, but simply asks users to tick a box to make sure they are not robots. The box can only be checked manually, and the robot cannot do this check action.
You need to use Google’s Captcha API to register your website and select reCAPTCHA v2 as the check box, or reCAPTCHA v3 as the verification code to use JavaScript to check spam comments without any user action.
Related reading: better Invisible reCaptcha than WordPress anti-spam plug-in Akismet
Register Google reCAPTCHA for your website
You will then get a Site Key and a private key and copy it to the plug-in settings interface on the site. And check “Comments Form” under the Enable ReCAPTCHA setting option, and finally click the “Save Changes” button.
ReCaptcha plug-in Settings
Now, when users try to add comments, they must first select “I’m not a robot” before they can participate in the comments.
Comment messages using the Captcha plug-in
Other features include:
- It also applies to registration forms, login forms, reset password forms, and so on.
- Hide CAPTCHA from whitelisted IP.
- Different theme styles.
- Support for multiple languages and RTL.
Other ReCaptcha plug-ins
In addition to the Google Captcha (reCAPTCHA) by BestWebSoft above, there are many reCaptcha plug-ins available, some of which need to be used in conjunction with third-party plug-ins (such as forms plug-ins).
- Cerber Security, Antispam & Malware Scan uses Google’s ReCaptcha to block spam comments and prevent other types of attacks.
- Simple Google reCAPTCHA is designed to help you quickly add reCaptcha to your website.
- Advanced noCaptcha & invisible Captcha (v2 & v3) can also use reCAPTCHA API v3 to add invisible CAPTCHA.
- Stop Spammers aims to add Captcha to comments and other forms to prevent spam comments.
The last two ways are to use a third-party comment system to take over the comment function of WP and to apply the firewall.
Use a third-party comment system to take over the WP comment function
When the first three methods do not meet your needs, you can also consider a more aggressive approach is to abandon the WP native review system and replace it with a third-party review system plug-in.
We once used the Disqus platform on an overseas project, which can indeed block more than 99% of spam comments, and webmasters never take the time to clean up spam comments.
However, it cannot be said that there is nothing wrong with Disqus. Because you have to pay to delete Disqus interface ads, otherwise this may affect the performance and user experience of your site.
Disqus Conditional Load
If you want to use Disqus on your blog, we recommend using the free Disqus Conditional Load plug-in. This is developed by Joel James, and the most important feature of the plug-in is the delayed loading of comment content so as not to degrade the performance of the WordPress site.
Install and enable plug-ins and register Disqus in the normal way. This plug-in is more reliable than the official Disqus plug-in.
Disqus substitute
If you are uncomfortable with the way Disqus ads are placed, you can use other third-party comment plug-ins. Some of them have improved the built-in comment system, while others have replaced them directly.
- Yoast Comment Hacks allows you to customize comments and add settings, such as forbidding comments below and above a certain length, redirecting first comments to the “thank you” page, and cleaning up comment notification emails.
- The wpDiscuz plug-in claims to be the “best Disqus replacement plug-in”.
- Super Socializer can add social comments to your site so that people can use their social media accounts to post comments.
- The Jetpack plug-in includes a series of designs that provide some of the features of WordPress.com, including the use of Akismet to intercept spam comments.
Use the Web application firewall to block WordPress spam comments
Adding a Web Application Firewall (WAF) such as Sucuri or Cloudflare can greatly reduce the number of spam comments received by WordPress sites.
Why? Because these services are located between your WordPress host and your website to block and filter all bad proxy traffic and robots. With them, you can even easily block the whole country.
WAF can also help reduce bandwidth and visits, thereby saving you monthly server hosting costs.
Summary
WordPress comes with an out-of-the-box comment system, but sometimes there are some deficiencies in the system.
If you want to protect your site from spam comments, you need to take additional measures to stop it. These may be:
- Configure WordPress to block or review your comments.
- Install third-party comments and spam blocking plug-ins.
- Create your own plug-ins to prevent spam comments on your site.
At first, browsing WordPress spam comments can be annoying and frustrating. But now you have a variety of ways to permanently combat and prevent such spam comments.
But spam protection is still only a small part of the problem-the user experience. You must also pay attention to the performance, security, and usability of the site.