How To Stop Spam Comments WordPress? (TOP 5 Tips)

To stop comment spam on your WordPress site, you can:

  1. Reduce the number of links allowed per post.
  2. Create a list of ‘blacklisted’ words.
  3. Set up a comment moderation system.
  4. Restrict comment privileges to registered users.
  5. Use an anti-spam plugin, such as Akismet.
  6. Move to a third-party comments plugin.


Why do I get so many spam comments on WordPress?

These spammers hope to use your website to improve the search engine ranking of their own sites and get accidental clicks from unsuspecting visitors. Many of these comments are left automatically by spambots, which are programs designed to comment on blogs and websites. Others are submitted by real people.

Why is my blog getting so many spam comments?

The whole reason why spammers leave spam comments on blogs is to link back to their own websites, so they can rank higher in the search results and get more traffic. Basically, people that are shamelessly and shadily promoting their websites.

How do I block spam bots on WordPress?

Go to the “Plugins” section of your WordPress dashboard. Click the “Add New” button on top of the page. In the search text bar on the right, enter “block spam bots ” and press enter. Find the plugin that works best for you, install and activate it.

How do I stop website spam?

5 Ways to Stop Website Spam

  1. Keep your domain private. You may not realize this but when you registered your website’s domain name (the, if you didn’t make it private then your email address is public record.
  2. Use a honeypot.
  3. Block bad countries.
  4. Use CAPTCHA on your forms.
  5. Prevent email harvesting.

How do I know if my WordPress comment is spam?

How to identify a spam comment

  1. Commenter’s name looks fake.
  2. Email doesn’t look legitimate.
  3. Comment contains a weird link or the website URL is bad.
  4. The comment itself is generic and could apply to any post or topic.

Which link format is used to fight blog comment spam?

A: We encourage you to use the rel=”nofollow” attribute anywhere that users can add links by themselves, including within comments, trackbacks, and referrer lists. Comment areas receive the most attention, but securing every location where someone can add a link is the way to keep spammers at bay.

How do I block a spam bot?

How to clean up the data:

  1. Block the spambots: use. htaccess files or plugins.
  2. Check the box in Google Analytics to block known spambots.
  3. Set up filters in Google Analytics so that the false positives don’t show if/when they get through.
  4. Some hosting companies offer services to also block malicious traffic.

How do I stop spam bots on my website?

The most obvious way to protect your website against malicious attacks is to frequently review your website analytics and run diagnostic reports. If spambots are detected, your webmaster can block them via. htaccess or through a plugin. You can also filter them in analytics.

What is the best anti-spam plugin for WordPress?

Best Anti-Spam WordPress Plugins

  • Titan Anti-spam & Security.
  • Stop Spammers.
  • Antispam Bee.
  • WordPress Zero Spam.
  • WP Armour.
  • Disable Comments.
  • Hide My WP.
  • Captcha Plus.

What is anti spam honeypot?

A honeypot is a field added to the form that the users can’t see due to CSS or JavaScript (which hides the field). Basically, a spambot fills in a field that valid users can’t see, alerting us to their activity. If the honeypot field is filled in, we can confidently reject the form as spam.

6 Ways to Stop Comment Spam on Your WordPress Website for Good

The content on Themeisle is completely free. When you make a purchase after clicking on one of our referral links, we receive a commission. Read on to find out more Comment spam, unfortunately, is an unavoidable reality of life on the internet. If you allow visitors to leave comments on your website, you will have to deal with spammers on a regular basis. You’ll need to find a strategy to halt comment spam in its tracks if you want to avoid giving visitors a negative initial impression of your website.

For WordPress users, there are a number of easy adjustments that can be used to prevent or conceal these comments before they are seen by your visitors.

The purpose of this essay is to provide some background information on comment spam and why it occurs.

Let’s have a look at this!

What comment spam is (and why it’s such a problem)

Spam comments are generally distinguishable from legitimate comments because of their generic nature. If you allow comments on your website, you will almost certainly receive spam remarks. As your site’s popularity rises, spam is likely to become an even more serious problem on your hands. There are many different sorts of comment spam available these days, but the majority of it is automated, uploaded by spam bots that utilize brief, generic words as a cover for putting links in the comments.

  • When it comes to spam comments, their generic content is often a dead giveaway. If you allow comments on your website, you will almost certainly receive some spam comments in return. It is possible that spam will become an even bigger problem for your site as it increases in popularity. Various sorts of comment spam may be found online these days, but the majority of it is automated, produced by spam bots that utilize brief, generic words as a cover for posting links. Comment spam, in whatever shape it takes, is a serious issue for the reasons listed below.

Spam comments are generally easily distinguished from legitimate comments by their generic nature. If you allow comments on your website, you are almost certain to receive spam remarks. As your site’s popularity grows, spam is likely to become an even bigger problem. There are many different sorts of comment spam these days, but the majority of it is automated, submitted by spam bots that utilize brief, generic posts as a cover for inserting links. Comment spam, in whatever shape it takes, is a serious issue for the following reasons:

How to stop comment spam on your WordPress website (6 simple solutions)

The six techniques listed below are all effective methods of preventing comment spam on your website. You can experiment with all of these strategies, or you can pick and select the ones that are most applicable to your situation.

1. Reduce the number of links allowed per post

Six innovative approaches to preventing comment spam on your website are presented below. Try all of these methods, or pick and choose the ones that are most relevant to your needs from the list above.

2. Create a list of ‘blacklisted’ words

Many spam comments contain a large number of easily identifiable keywords. This makes it easy to identify them and prevent them from displaying on your website in the future. You may simply establish a ‘blacklist’ of terms, and every remark that contains one of those words will be flagged by your site. To do so, navigate back toSettings Discussion in your WordPress admin and locate theComment Blacklistsection as follows: You can input your list of terms in this section. When a remark is written that contains one of those terms, it will be removed from the discussion and placed in the trash.

  • You may find recommendations on GitHub, where you can find a suggested comment blacklist for WordPress.
  • This implies that if you can make it more difficult for them to leave comments on your website, they may simply move on to the next target.
  • Spammers will be deterred from entering your comment area as a result of this.
  • This option is also accessible in theSettings Discussionsection of the WordPress administration interface.
  • In order to leave a comment and save your changes, users must first register and log in.
  • In some cases, if you have the necessary time and money, this might be an excellent method.
  • Alternatively, return toSettings Discussion and look at the section titled “Before a comment appears”: By selectingComment must be manually approved, any comments left on your site will be marked asPending until they have been reviewed and approved.

You may then go through each one and determine whether or not to allow it to through or to discard it. Detailed instructions on how to set up a comment moderation system may be found in the WordPress Codex.

5. Use an anti-spam plugin

Finally, we’d be negligent if we didn’t mention anti-spam plugins as well. These programs can provide a strong method of preventing comment spam while also taking care of the tedious task of sifting the excellent comments from the bad for you. Many WordPress installations come pre-installed with Akismet, and for good reason: it helps to keep spam out of your site. Due to the fact that this anti-spam plugin connects to a database of spam that is regularly updated, it is quite effective at identifying which comments are problematic and filtering them out.

  • Although Akismet is a good choice for the majority of people, there are a number of outstanding alternatives.
  • Regardless of whatever plugin you use, you will be taking an essential step in preventing comment spam on your blog or website.
  • Disqus is really the commenting system that we use here at Themeisle (you can scroll down and make a comment on this page to see it in action)!
  • Interested in either of these options?


In a short period of time, spam comments may clog up your site, making it appear unprofessional and driving away genuine visitors. Cleaning up all of the spam after the fact can be time-consuming. This implies that you should seriously consider devoting a little amount of work up front to create an effective anti-spam approach. You may take the following steps to prevent comment spam on your WordPress site:

  1. Reduce the number of links that can be included in a single post
  2. Make a list of words that should not be used
  3. Organize a mechanism for comment moderation
  4. Ensure that only registered users have the ability to comment
  5. Activate a spam-blocking plugin, such as Akismet. Changing to an external commenting plugin is recommended.

Is there anything else you’d like to know about how to put any of the techniques we’ve discussed into action? Fill in the blanks in the comments box below!

Free guide

Guide is available for free download.

12+ Vital Tips and Tools to Combat Comment Spam in WordPress

Are you becoming frustrated with the amount of spam you receive on your WordPress blog? You are not alone in your feelings. Spam comments are a major concern for any website that receives a significant amount of consistent traffic. In this article, we’ll go through the top WordPress comment spam plugins, as well as some useful methods for dealing with spam comments in your WordPress blog posts. These suggestions can save you a great deal of time and will greatly limit the amount of spam that appears on your website.

Why You Need to Deal with Comment Spam in WordPress

A common concern with WordPress websites is the proliferation of spam. Aiming to increase the search engine ranking of their own websites, these spammers hope to gain access to your website through accidental clicks from unsuspecting visitors. Many of these comments are left automatically by spambots, which are computer programs that are specifically designed to leave comments on blogs and websites on a regular basis. Real people have provided submissions for the others. They’re usually off-topic, poorly written, and contain links to third-party websites, among other characteristics.

And this has an impact on the reputation of your website.

Furthermore, if any of the comments contain links to viruses or malware, search engines may flag your site as hazardous. After that, let’s look at how you can effectively battle comment spam so that you may spend less time worrying about spam and more time expanding your online company.

1. Turn On Comment Moderation in WordPress

Let’s start by making sure that comments on your website can’t be published without your permission. This step will ensure that comments do not get past any filtering, and it will also give you complete control over which comments appear on your website in the first place. Websites for businesses, such as law firms and accounting firms, are highly recommended to use this solution. Access the Discussion page of your WordPress admin area by going to theSettings » Discussion page of your WordPress admin area.

You might be interested:  How To Become A Wordpress Developer? (Perfect answer)

Currently, all of your WordPress comments are being held for moderation, and you will be required to manually approve each comment before it appears on your website.

In the next few steps, we’ll teach you how to reduce spam comments from your site so that the comments you have to regulate are primarily legitimate.

2. Activate Akismet Spam Protection

Make sure that any comments posted on your website will not be published until you provide your permission. If you take this step, you will ensure that comments do not get past any filters while also giving you complete control over which remarks appear on your website. Websites for businesses, such as legal companies and accountancy organizations, are strongly suggested for use with this solution. Access the Discussion page of your WordPress admin area by going to theSettings » Discussion section of your dashboard.

Keep in mind to click the ‘Save Changes’ button at the bottom of the page when you have finished editing.

After reading through all of the comments, you may be wondering how long it will take.

3. Use Sucuri to Combat Spam Comments

A large number of requests from comment spammers might cause your website to slow down and negatively impact performance. While Akismet is effective at catching a large number of spam comments, it is unable to prevent spammers from reaching your website. Sucuricomes into play in this situation. With the finest WordPress firewall plugin, you can block suspicious requests before they reach your website. This plugin helps prevent automated bots and programs from submitting comments on your website by blocking them.

This decreases the amount of stress placed on your systems as well as the quantity of spam comments received. Learn how Securi assisted us in blocking 450,000 WordPress assaults over the course of three months.

4. Use Honeypot to Catch Spambots

In order to prevent spam, honeypot is a spam prevention technology that tests whether a commenter is a bot rather than requiring them to prove that they are a human. It was inspired by the proverb, “You can catch more flies with honey than vinegar,” which means “more flies can be caught with honey than vinegar.” When a honeypot is used, users are not required to complete a reCAPTCHA test to show they are human. Instead, they are presented with a challenge that is visible only by bots and not by humans.

Furthermore, once they have been identified as a bot, they can be prevented from posting a comment.

The software also includes options for trusting approved commenters, validating IP addresses, marking BBCode (Bulletin Board Code) links as spam, and checking publicly available anti-spam databases.

5. Add Google reCAPTCHA Verification

Google ReCAPTCHA is a more advanced version of the CAPTCHA that can determine whether a user is a bot or a real person. In the computer world, CAPTCHA is an abbreviation for ‘Completely Automated Public Turing Test to Tell Computers and Humans Apart.” Users are required to choose a checkbox to confirm that they are not a robot before proceeding. They will either pass straight away or be provided with a second exam, which will consist of a series of photographs in which they must click on the things that correspond.

Furthermore, whereas most CAPTCHA tests are considered unpleasant by consumers, reCAPTCHA gives the finest user experience.

See our article on how to add reCAPTCHA to the WordPress comment form if you want to learn more about how to put it up.

6. Prevent Imposter Comments

Occasionally, spammers may write comments on your website and attempt to deceive you by entering the username and email address of a registered user on your website. In the hopes that you will recognize the other person’s name or Gravatar and approve their comment, they post their comment. Installing and activating theImpostercideplugin is the most straightforward method of preventing impersonators from leaving comments on WordPress blogs. For further information, please refer to our step-by-step instructions on how to install a WordPress plugin (included).

Instead, they will get an error notice on their screen. Changing the error message may be done by going to theTools » Impostericide page.

7. Remove Website URL Field from Comment Form

Visitors to the comment form who seek to employ backlinks to improve their search engine rankings on certain keywords will be attracted to the website URL box in the comment form. Their sole purpose in making a remark is to obtain a hyperlink, not to contribute anything of actual worth to the topic. The author name of their comments will generally contain a keyword or a mix of a genuine name and a keyword, such as “Sally from Dunder Mifflin” or “John @SEOconsultants,” and their comments will often comprise a line or two of meaningless gibberish.

Real users will make comments on your content regardless of whether or not they receive a hyperlink.

8. Disable Comments on Media Attachments

A page for any picture or media item that you add to your website is automatically created by WordPress as an attachment page. On these pages, users have the ability to make comments. If photographs are an important element of your material, this feature may be beneficial. If not, it’s just another opportunity for spammers to take advantage of the situation. If you don’t want visitors to be able to remark on photographs, you should disable comments on media assets in your website. Installing and activating theDisable Commentsplugin is the most straightforward method of accomplishing this.

Following activation, you must navigate to theSettings » Disable Commentspage and select the checkbox next to the ‘Media’ option from the drop-down menu.

Comments on your WordPress media files and attachments will now be disabled as a result of the plugin.

9. Disable HTML in Comments

By default, WordPress permits certain HTML elements to be used within comments, which may be used to hide spam links and other malicious content. You may prevent this from happening by deactivating HTML in comments. In other words, any HTML tags that are included in a remark will be shown as text, but they will be rendered ineffective. For example, if someone uses thestrongtag, the tag will be visible in the remark, but the content will not be bolded because the tag is not used. It also implies that links will not be clickable in the future.

If you need assistance with adding code to your website, please see our beginner’s guide on how to paste snippets from the web into WordPress.

If $incoming comment equals htmlspecialchars($incoming comment), $incoming comment is equal to str replace(“”, “‘, $incoming comment), and $incoming comment is equal to return($incoming comment), then the following is true: function wpb comment display($comment to display) $comment to display = str replace(“‘, “‘”, $comment to display); return $comment to display; $comment to display = str replace(“‘, “‘”, $comment to display); ad filter(‘preprocess comment’, ‘wpb comment post’, “, 1); add filter(‘comment text’, ‘wpb comment display’, “, 1); ad filter(‘comment text rss’, ‘wpb comment display, “, 1); ad filter(‘comment excerpt’, This code converts HTML code into HTML entities, which are then displayed in the comment rather than being parsed by the browser, as shown below.

10. Set a Minimum and Maximum Comment Length

It happened to us once that there was a spam problem with comments, and a spammer was leaving hundreds of comments each hour with the word ‘hello’ in them. Because the remark appeared to be genuine, neither Akismet nor Sucuri were able to block it. Antispam Bee was able to slow down the spammer’s progress but was unable to completely stop the onslaught. We were able to prevent the spam by utilizing theYoast Comment Hacksplugin, which allows you to specify a minimum and maximum comment length for each post.

Following that, they received an error warning when they attempted to submit a remark consisting of only one word.

11. Disable Trackbacks in WordPress

As previously stated, one of the primary reasons that people leave comment spam is to receive trackbacks. In most cases, however, it is not necessary to have trackbacks enabled on your blog. You have the option of disabling trackbacks throughout your entire site or only in a specific article. This is a straightforward method of dramatically reducing comment spam. Simply go to theSettings » Discussionpage and start a discussion. You can disable ‘Allow link notifications from other blogs (wingbacks and trackbacks) on new articles’ by checking the box next to it.

You should now refer to our guide on how to disable trackbacks on existing posts to complete the process.

12. Turn Off Comments on Old Posts

WordPress provides the option of turning off comments on older posts. This is especially beneficial for websites that publish material that is updated on a regular basis, such as news or events websites. Alternatively, you may go to Settings » Discussion and look for the option ‘Automatically close comments on articles older than XX days’ under the heading “Other comment settings.” Please check the box next to this option and specify how long you want comments on a post to stay visible for before they are deleted.

If necessary, you may override the comment deadline in WordPress for certain posts where you would like comments to stay open indefinitely if you so choose.

BONUS – 13. Switch Off Comments

Perhaps you don’t need comments on your WordPress site, or you’ve discovered that comment moderation is eating up too much of your valuable time. You may always turn off comments in WordPress in order to eliminate comment spam completely. It is necessary to go toSettings » Discussion and clear the option next to ‘Allow people to submit comments on new articles’ in order to disable comments on new posts. In addition, you will have to turn off comments on all of your existing articles. Check out our tutorial on how to entirely deactivate comments in WordPress to learn more about the many options available.

Frequently Asked Questions by Users

What is the point of bombarding me? It isn’t meant to be taken personally. Spammers are attempting to improve their search engine rankings or to lure unsuspecting visitors to dubious and potentially harmful websites. They believe that through spamming, they would be able to obtain more links, which will in turn help their search ranks. There is almost seldom a personal assault directed at you in these situations. Rather, it is a methodical process that targets a large number of blogs. In the event that a remark is flagged as spam, what happens?

  • Instead, they are moved to the spam list on your Comments page, where they will remain until they are removed.
  • A link is also provided to allow you to remove a spam remark on an indefinite basis.
  • When you follow the first suggestion in this article and enable comment moderation on your website, you will be required to approve each and every remark that is placed on your page.
  • We hope you found this guide useful in learning how to prevent comment spam in WordPress.
  • We encourage you to subscribe to our YouTube Channel for more WordPress video tutorials if you enjoyed this post.
  • Please be aware that our material is sponsored by our readers.

See how WPBeginner is supported, why it is important, and how you can help us by donating. The Editorial Staff at WPBeginner is a group of WordPress specialists, lead by Syed Balkhi, who provides guidance and support. Over 1.3 million readers around the world put their trust in us.

Stop Spammers Security

How come I’m getting so many spam emails? It isn’t meant to be hurtful. spammers are attempting to improve their search engine ranks or to attract naïve users to questionable and harmful websites. Spammers believe that by generating more links, they would be able to improve their search engine results in some manner. There is almost seldom a personal assault directed at you. The method is much more organized and targets a large number of blogs. Is it possible to delete comments that have been flagged as spam?

  1. Instead, they are sent to the spam list on your Comments page, where they remain until they are removed.
  2. There is also a link that allows you to permanently remove a spam comment.
  3. As a result of implementing the first step in this article and enabling comment moderation, you will need to approve each and every remark that is posted on your website.
  4. We hope you found this guide useful in learning how to prevent comment spam in WordPress.
  5. We encourage you to subscribe to our YouTube Channel for more WordPress video tutorials if you enjoyed this post.
  6. Our work is funded by donations from our readers.
  7. View our funding model, why it matters, and how you can contribute to WPBeginner’s mission.
  8. Across 1.3 million readers all over the world put their trust in us!


  • Fix for the network toggle
  • Some browsers have a design problem with their symbol


  • Troubleshooting with the network toggle Some browsers have a design fault with their iconography


  • Notification Control is a useful tool. On the Users page, there is a sortable registration date column. Security
  • Auditing and cleaning up of code


  • Strings are now capable of being translated. Improvements to the user interface
  • WooCommerce security checks are performed. When approving permit requests, the email address is now included in the whitelist. Code inspection and cleaning
  • “Clear the Requests” turns off all of the other options. There are too many periods in the story


  • The addition of a private mode
  • UI enhancements There are too many periods in the story
  • To avoid potential problems with the server’s reputation, emails are now turned off by default. Code inspection and cleaning
  • For the time being, the shortened URL option only looks for precise matches.


  • When the community request for an allow list is authorized, an email is sent to the community. Allow List page (community request)
  • Approve or deny action in request email with link to Allow List page (community request)
  • Change the Stop Spammers menu icon to the letter ‘S’ logo
  • When the option is enabled, conditional fields are hidden when the page is loaded. Updates to multisite (as reported by the community)
  • Shortcode and HTML support for Spam Messages (as reported by the community)
  • In the accept request email template sent to the web administrator, the incorrect key was entered for the spam reason.
You might be interested:  How To Find Wordpress Blogs? (Correct answer)


  • Forcing users to use their usernames only
  • Forcing users to use their email addresses only Custom passwords should be disabled. More than 2,500 disposable email domains have been added to the block list. Notice of support


  • The ability to check for Tor Exit Nodes, check for too many periods, check for too many hyphens, allow Stripe, allow Authorize.Net, allow Braintree, allow Recurly, and improve the admin UI are all features included.


Is it getting out of hand with spam comments on your website? We’ve been there ourselves. Previously, our website received an average of 100 spam comments every day! Because, frankly, we were getting a little tired of having to physically delete them. And I’m confident that you are as well. The team experimented with a number of different approaches to decrease the amount of effort and time spent monitoring spam comments. Moreover, we have discovered what is most effective for you! In this guide, you will discover how to prevent spam comments from appearing on your WordPress site.

  • If this is the case, do not be concerned!
  • When you’re receiving hundreds of spam comments per day, you need to be as quick as possible.
  • Here are our recommendations, listed in descending order of preference.
  • Plugins are simple to set up and may save you a substantial amount of time.

It analyzes user comments with the help of a self-learning algorithm. It filters out apparent spam comments and categorizes the rest for you to review and approve. The following is the procedure to use it:

  • Having a problem with spam comments on your website? The situation is one that we are familiar with. The number of spam comments on our website used to be over 100 each day! To put it bluntly, we were getting a little tired of having to delete them manually. You, too, I’m sure, share this sentiment. To decrease the amount of work and time spent on spam comment moderation, we tried a number of different approaches. Moreover, we discovered what is most effective for you. How to prevent spam comments on WordPress will be covered in this tutorial. In order to begin with, you may be asking why you’re receiving spam comments in the first place. Fortunately, there is no need for concern. The next section can be skipped. The ability to respond quickly is critical when dealing with hundreds of spam comments per day. In order to save time and effort, you want a solution that is simple to set up and performs the required function efficiently and effectively. According to the order of choice, here are our suggestions: – Using a plugin to prevent or eliminate spam comments is the quickest and most effective method available for doing so. When properly configured, plugins may save you a great deal of time. We really enjoyed the following: WordPress websites are automatically equipped with the Akismet spam-prevention plugin, which may be found in the WordPress plugin directory. It analyzes user comments with the use of a self-learning algorithm. Removes spam comments that are obviously spam and categorizes the rest for your review and approval. Activating it is as follows:
  • After that, you’ll be prompted to create an Akismet account. Select “Set up your Akismet account” from the drop-down menu.
  • You will be taken to the Akismet website, where you can select a plan to suit your requirements. Their free plan is designed for personal or non-commercial blogs, while their premium plans are designed specifically for commercial sites and blogs. Following your selection, you’ll be prompted to provide information such as your website’s URL, email address, and so on.
  • Once you’ve entered all of the necessary information, Akismet will issue you an API key via email. Return to the WordPress Dashboard at this point. Settings may be found by going to PluginsAkismet and clicking on “Settings.” Then select “Manually enter API key” from the drop-down menu that appears.

Akismet has now been configured and will begin blocking spam comments shortly after that. It will also provide activity and data for individual commenters to assist you in identifying spammers who have left many comments. It can also detect links that have been placed into comments and flag them for moderation.Antispam Bee is another WordPress comments spam plugin that specializes in screening and deleting spam comments from websites. It provides a number of configurable options for categorizing and moderating spam comments on WordPress websites.

  • Comments that are geo-blocked
  • Spam Notifications sent via email
  • Allow only comments in a specific language to be posted
  • Spam statistics should be displayed as a widget on the dashboard. Assess the likelihood of spam comments by comparing them to a local spam database.

All you have to do to make this plugin functional is to install and activate it. After that, you may select whatever features you wish to make available. In addition to the WordPress comments form plugin, the ThereCAPTCHA in WP comments form plugin includes a Google reCAPTCHA as an additional step before users can post a remark to ensure they are human or not. This is one of the most successful methods of identifying and blocking bots on the internet. Adding a reCAPTCHA to your website is like to installing a lock on your front door – the bots no longer have access.

  • Create a WordPress site and install and activate the reCAPTCHA in WP comments form plugin
  • To make use of this functionality, you’ll need to get API keys, just like you did with Akismet. If you go to PluginsAntiSpam BeeSettings, you will be able to see the step-by-step procedure for obtaining and activating this feature.

Once the plugin has been launched, you can adjust the settings and specify what you want the plugin to do when it detects a spam remark on your website. As an example, here’s what would appear on a reCAPTCHA form: The main disadvantage of including a reCAPTCHA is that it interferes with the user experience and can be irritating. Genuine commentators may be discouraged from leaving a remark if they have to go through an additional step. Bonus Tip: If you’re using Cloudways, we’ve partnered with them to provide Bot Protection for you!

  • It also has the additional benefit of lowering your CPU consumption by more than 40%!
  • If you’d want to learn more about this feature and how to make advantage of it, see the Cloudways Bot Protection feature Announcement.
  • It’s not necessary to install yet another plugin on your website, so don’t worry about it!
  • Let’s get started!
  • You have the option of personally approving each and every remark before it is published on the website.
  • All comments will now be automatically kept in the Comments area of the website.
  • The most typical goal of spam comments is to obtain a backlink to your website from another site.
  • This is an example of a Black-Hat SEO link-building tactic.
  • Remove the possibility to include a URL from your website altogether and you will avoid this problem.
  • It is generally a good idea to create a backup of your website before making any coding modifications.

Alternatively, you may use a reputable backup plugin such asBlogVaultto preserve a backup of your site on their servers. They may be used to restore your website in a matter of seconds if something goes wrong. Following the creation of a backup, you must do the following steps:

  • In your WordPress Dashboard, hover your cursor over the “Appearance” menu. Now, from the drop-down option, select “Theme Editor” from the list. This will lead you to the code for the current theme you are using.
  • It is customary for the functions.php folder to be found at the top of the list of “Theme Files.” To use it, simply click on it.
  • Add the following code at the end of the folder to complete the look. Then click on “Update File” to save your changes.

//* The URL field has been removed from the comments function. remove url comments($fields) Using the following code, you can guarantee that the website URL field on your comment forms is no longer displayed: add filter(‘comment form default fields,’remove url comments’);

3. Add a minimum and maximum limit on the number of characters

Some spam bots are programmed to leave one-word comments, such as “Hello,” on websites. Because it appears to be innocent, automated spam prevention programs are unable to identify this comment as being spam. You can keep these bots out of your site by imposing a mandatory limit on the number of characters. The code in the functions.php file will need to be modified if you want to place a character restriction on the comments section.

  • Select AppearanceTheme Editor from the drop-down menu. Now open the functions.php file in your web browser. The following code should be included at the end of the file:

Create a filter using the parameters ‘preprocess comment’ and ‘wpb preprocess comment’; wpb preprocess comment($comment)if (strlen($comment)60)return $comment; wpb preprocess comment($comment)if (strlen($comment)60)return $comment; wpb preprocess comment($comment)if (strlen($comment)60)return $comment;

  • Now, select “Update File” from the drop-down menu. If someone attempts to post a remark that is fewer than the maximum number of characters allowed, the following notice will be displayed:

Disabling comments is the best option if you don’t want to waste time monitoring spam comments. In WordPress, you have the option of disabling comments for older posts, or even disabling comments on your entire blog permanently.

  1. Go to SettingsDiscussion and enable “Automatically shut comments on posts older than X days” under “Other Comments Settings”
  2. Then adjust the amount of days to your liking
  3. Then go back to SettingsDiscussion. WordPress currently prevents comments on posts that are more than the number of days old that you specify from being posted
  • In order to permanently disable the comments function on your website, navigate to SettingsDiscussion.
  • Disable the option under “Allow people to contribute comments on new postings” by clicking on it now.

Users will no longer be allowed to leave comments on new posts in the future. Bots are attempting to misuse your website in a variety of ways, one of which is by leaving spam comments. Bots are also programmed to guess your website’s password and gain access to your website’s content. A firewall is required to totally safeguard your website from all bots and to stop all types of bots. Using MalCare’s firewall security, you can secure your website against all types of bots, which is the most complete and effective solution available.

MalCare’s Real-time Firewall Protection employs a variety of techniques to prevent malicious bots from accessing your website.

Spam bots are identified by MalCare because they have a tendency to utilize malicious IP addresses, and they are promptly blocked.

The following are the steps to enable MalCare’s firewall protection:

  • The ability to comment on new posts will be removed in the future. Bots attempt to misuse your website in a variety of ways, one of which is by leaving spam comments. Additionally, bots are programmed to guess your website’s password and get access to your website’s content. A firewall is required in order to totally secure your website from all types of bots. In order to defend your site from all types of bots, MalCare’s firewall protection is the most comprehensive and effective option. Learn how something works by experiencing it first-hand! Multiple strategies are used by MalCare’s Real-time Firewall Protection to prevent harmful bots from accessing your website. You may expect it to be continually monitoring and analyzing the requests made to your website. Using MalCare, spam bots are identified since they have a tendency to utilize malicious IP addresses. Spam bots are automatically blocked by MalCare. Moreover, it provides login protection and keeps a record of any unwanted access to your WordPress Admin Dashboard or backend. How to enable MalCare’s firewall protection: Follow these steps to get started.
  • Insert the URL of your website into the plugin’s settings and click “Install.” There are two ways to accomplish this: either directly through MalCare’s dashboard or by installing the plugin from the WordPress Repository manually.
  • The firewall is immediately triggered when the plugin has been successfully installed. Using MalCare, you can now safeguard your website by automatically blocking harmful bot traffic and IP addresses.

To view the information, choose the arrow from the “Firewall” section and click on it.

  • A graph depicting the amount of traffic and login requests received, as well as the number of requests that have been banned, is displayed in the area that appears. To see the specifics, select “Show More” from the drop-down menu.

Using this feature, you can now see the entire details of all requests made to your site, including their country of origin, date and time of submission, and whether or not the request was granted or denied. MalCare’s Smart Firewall safeguards your site by preventing harmful bots from accessing it, which may drastically minimize the amount of spam you receive in comments. We’ve now gone over all of the different methods for getting rid of spam comments. But, hold on a sec, how does this even come to be in the first place?

Before we can answer this, you must first understand how simple it is to engage a bot to spam comments on a website.

In fact, when email spam is taken into consideration, only ten botnets account for 80 percent of all spam sent! The following are the reasons why these comment spam bots are employed:

  1. To use a link as a piggyback: Spam comments are a Black Hat SEO technique that is used to increase the number of backlinks to a website. Bots are used by unsolicited or low-quality websites to leave spam comments with links in an attempt to gain more search engine optimization points.
  1. Hackers employ bots to overburden your server and force it to break, which they call “server overloading.” In order to assault your login page and flood your server with requests, they send bots to do so. In addition to requests, comments can be made in response to these requests. While you’re occupied with restoring your site’s functionality, hackers are using other tactics to compromise your site’s security.
  1. Websites that spread viruses or sell medicines frequently employ spam comments to increase their traffic and turn it into a source of revenue. As a result, unsuspecting users wind up clicking on the link in the comments section and being sent to these uninvited websites.
You might be interested:  How To Make Pages On Wordpress? (Solution found)

As a result, we can observe how spam comments are being exploited to profit off of legitimate websites. It’s possible that you’ve already implemented some of the measures we’ve discussed to prevent spam comments. However, the battle does not end there. To get beyond anti-spam systems, spammers are continually innovating and refining their methods of communication and delivery. If you ever come across spam comments, it’s critical that you know how to recognize them and delete them. Here are a few pointers.

  • There is a questionable relationship between it and the following: Check to determine whether the URL has any numbers or if it is a reduced version of the original link. When this is done, it is generally for the purpose of redirecting to sites that sell drugs or spread infections.
  • It is really flattering, yet it is completely irrelevant: Spammers often use nice language, such as “Amazing post!” or “Great resource, will return for reference,” among other things. However, you’ll notice that these comments don’t truly offer anything to the discussion and don’t engage the article in any way.
  • It contains terms that are out of the ordinary: There are specialized terms in the comment, such as those used for SEO building, that do not seem like everyday English
  • The following is a brief and generic response: Like the second point, spammers say things like “Great article”, “Very good resource”, and other similar phrases. Bots typically make similar comments on a number of different websites.
  • The user’s name is the name of a corporation: The commentator appears to be a representative of a corporation rather than a private individual. In this scenario, it’s likely that they’re aiming to provide a link back to the company’s website.

What’s The Verdict?

We’ve gone through all of the different options for blocking WordPress spam comments, so now you can choose the one that works best for you! Our personal advice is to utilize MalCare’s firewall protection in conjunction with an anti-spam plugin such as Akismet to provide maximum protection. This has significantly decreased the amount of time we spend on comment moderation and has kept spam bots at bay! However, while stopping spam bots is a positive step, there are still a number of hazards that you must guard against in order to keep your website safe.

  1. MalCare is the most effective security plugin available.
  2. The best aspect is that it provides 1-Click Instant Malware Removal to ensure that your website is completely safe from hackers!
  3. Today is the day to try MalCare for free!
  4. Using the MalCare blog, Swaahili distills the knowledge he’s gathered from developing plugins to address the security vulnerabilities that administrators encounter.

6 Best Anti-Spam WordPress Plugins (How to Stop Comment Spam in WordPress)

Spam comments on WordPress are a source of frustration and time-wasters. The number of comments I receive on ShoutMeLoud each day exceeds 300, with 90 percent of them being spam. The situation has recently deteriorated to the point where I have decided to take matters into my own hands and eliminate the spam before it reaches my comment moderation queue. This piece is the result of my own frustration with spam comments on WordPress, which prompted me to write it. Comment spam is a brutal reality, and every blogger who is new to the game, eager, and unprepared will be overwhelmed by the sheer number of spam they get.

It is possible for spam to completely dominate your site database and cause you to be permanently blacklisted from the search engine index if you leave the problem unchecked for too long.

WordPress bloggers have a distinct edge in this regard.

But first, let’s take a look at the WordPress settings, which will assist you in keeping spam comments to a minimum to a large extent.

WordPress provides you with total control over the moderation of comments. However, it is your responsibility to ensure that no comments are published without first being approved by an administrator. Comments on your site are important in a variety of ways, including the following:

  • Incorporate useful information into the post: a thoughtful remark will get you more points and increase the overall worth of your blog post
  • Trust factor: If a large number of authentic and significant comments are left on your blog article, this will assist to increase the trust factor of your site. Search engine ranking: I’ve done some tests in the past where I’ve deleted all comments from previous posts, and the results have shown that my posts have suffered a significant drop in search engine ranking. It is important to note that having significant comments will boost the keyword density and variation on your site, resulting in a higher ranking.

The same goes for not moderating blog comments. If you do not moderate blog comments and spam comments are published on your site, you are more likely to suffer a fall in ranking, and your blog may be hit by the Google Penguin penalty. It is still necessary to edit old posts and delete any spam comments that have appeared on your blog, even if you have made the mistake of doing so previously. This includes comments such as “great post” and “good post,” which do not add any value to your content and should be avoided.

  • Check out this article on how a blogger should moderate blog comments.

We’ll start with WordPress discussion settings, which you should modify for your WordPress site in order to avoid WordPress comments spam and enhance the default comment settings of WordPress, before moving on to other topics. To get started, enter into your WordPress dashboard and click on SettingsDiscussion. Then, modify the settings as described further down in this section. Do take the time to read the information so that you are aware of what you are doing:

1. Default Article Settings:

This is the first section of the WordPress discussion settings, and you should uncheck the second option, which says “Allow link notifications from other blogs (pingbacks and trackbacks),” which says “Allow link notifications from other blogs (pingbacks and trackbacks).” Because I do not consider trackbacks and pingbacks to be particularly valuable in terms of providing value, I have left this option unchecked.

  1. For those who have unintentionally authorized trackbacks in the past, you can follow the instructions in this tutorial to remove all previously approved trackbacks.
  2. It is recommended that you use the second option if you run a membership site or if you want only registered users to leave comments on your blog.
  3. ” This is done to guarantee that you have total control over your blog comments, and that only comments that have been manually authorized should be published.
  4. If you are one of those writers who likes to regulate comments as soon as they are posted, I propose that you download the WordPress App for your smartphone (which is available for both iOS and Android devices) and monitor comments from wherever you are.

4. Comment moderation and blacklist:

This section is extremely useful if you want to deal with spam comments on your WordPress website. So far, all of the above-mentioned settings have been used to ensure that no comments are published without first being approved by the administrator. If you have chosen the option where a commentator’s remark will be automatically authorized if the commentator has previously approved a comment, you may further prevent spam by configuring comment moderation and blacklisting settings for the commentator.

Where X could be any number between 1 and 100.

It’s possible to create an entirely new category of comments for each word match.

You may obtain an up-to-date list of the WordPress comment blacklist by visiting this page.

This does not necessarily prevent spam comments from appearing on your blog, since we must employ anti-spam comment software. Spam detection plugins for WordPress that scan all comments in the moderation queue for spam.


WordPress Plugin Directory and Akismet are both available. With every WordPress installation, Akismet is included as a standard feature because it is a part of the WordPress ecosystem at its core. This is the most powerful anti-spam plugin available for WordPress, and it is also the most expensive. Akismet is a spam filter developed by Automattic that is extremely effective. It has an impressive set of enterprise-grade spam protection (and management) tools. One example is a self-learning spam detection algorithm, which keeps track of your ‘comments designated as spam’ and utilizes that information to automatically flag comments in the future.

Comments that pass the examination are published on your site’s front page, while the others are flagged as spam and subsequently deleted from your site.

Up to 50k spam checks per month are included with Akismet, but only for non-profit organizations and personal blogs.

  • Instructions on how to obtain a free Akismet API key for your WordPress blog

2. Anti-Spam Bee

WordPress Plugin Directory is available for download. When you consider that Anti-spam Bee has over a million active installations and is still growing, as well as a great letter of reference from WordPress co-founderMatt Mullenweghimself, you may be certain that you are not making a mistake. This plugin is completely free and extremely intelligent. There are a variety of features, including IP blacklisting (comment banning), trackback validation, database optimization (which many users obtain by installing a different plugin, such as WP Sweep), and more.

It also offers you full monthly analytics and spam activities.

In addition, it is absolutely free of any bothersome advertisements and meets with European data privacy rules, which is another another layer of frosting on top of the enormous cake of bliss.

3. CleanTalk

WordPress Plugin Directory is available for download. Anti-spam WordPress plugin that is available for a premium price and is hosted online (in the cloud). Using smart algorithms, CleanTalk detects spam within ‘genuine’ looking comments that have been uploaded to the Clean Talk cloud and prevents it from appearing in subsequent comments, registration/sign up form spam, and trackback spam. One of the nice advantages of Cleantalk is that it allows you to check for spam comments that have already been posted in WordPress.

You will also receive complete statistics and a comments log, as well as activities and history related to automatic moderation (spam detection).

Using the service is completely free for the first five days; after that, you can continue to use and scale up the service for a small annual fee of $8 per domain.

4. WordPress Zero Spam

WordPress Plugin Directory is available for download. This is one of the most straightforward spam protection plugins available. WordPress Zero Spam works by preventing comments from users who do not have JavaScript enabled on their browsers from being posted on the website. It works with both client-side and server-side JS validation, which effectively prevents the majority of bots from spamming the comments area. It’s completely free, and it’s perfectly compatible with practically every major (and reliable) WordPress plugin (with the exception of Jetpack), as well as a wide range of other contact form plugins.

5. Stop Spammers Spam Prevention

WordPress Plugin Directory is available for download. In terms of functionality, this is a multitasking plugin that can relieve you of some of the stress associated with dealing with comment spam. Spammers must be stopped. Spam Prevention detects and prevents comment spam, sign-up form spam, trackback spam, and contact form spam by passing them through a series of strong and comprehensive algorithms. The plugin has the ability to ban IP addresses from more than 100 different countries. It also provides a warning page (Request Denied) to the spammer (human or otherwise), which is soon followed by a captcha: this second layer prevents spambots from gaining access to the system.

  • It is necessary to read: Blog comments: When they are beneficial and when they are harmful

6. WP Armour – Honeypot Anti Spam

This is one of the most straightforward plugins available for preventing comment spam in WordPress. WP Armour employs the honeypot anti-spam approach to guard against spam in a variety of areas, including but not limited to the WordPress comment form. By utilizing this plugin, you may avoid spam in the following areas:

  • For WP Comments
  • For WP Registraton
  • For BBPress Forum
  • For Contact Form 7
  • For Ninja Forms
  • For Gravity Forms
  • For WPForms
  • For Formidable Forms
  • For Caldera Forms
  • For Toolset Forms

The most advantageous feature of the WP Armour plugin is that it is a plug and play plugin. It takes only a few minutes to setup and begin functioning right away. The free plugin is sufficient for occasional users, but individuals who are serious about catching spam and who want data can upgrade to any of the lifetime licenses available for this plugin. Download the free version||Download the professional version Conclusion Here they are: the five most effective WordPress plugins for protecting your site from spam and preventing it from collecting on your server and database in the first place.

The following articles have been hand-picked for you:

  • That it is a plug and play plugin is one of the most appealing aspects of the WP Armour plugin. It takes only a few minutes to setup and begin operating right away. Users who are serious about catching spam and who want data can upgrade to any of the lifetime licenses available for this plugin, which are available for a little additional fee. Download the free version||Download the professional version. Conclusion Here they are: the five most effective WordPress plugins for protecting your site from spam and preventing it from collecting in your server and database in the first place. Ensure that your WordPress website is clean and well-maintained, and install one of these plugins as soon as your site is up and running. For your consideration, the following articles:

I’m a blogger, an author, and a public speaker! Harsh Agrawal is widely regarded as a pioneer in the fields of digital marketing and financial technology. founder of ShoutMeLoud and a speaker at ASW, Hero Mindmine, Inorbit, IBM and the India Blockchain Summit among other conferences. In addition, she is an award-winning blogger.

Leave a Comment

Your email address will not be published. Required fields are marked *