Get Rid of WordPress Comment Spam

Tags: , , , , , , ,

WordPress SpamBack when this blog was on Blogware, fighting trackback and comment spam was impossible. The filtering scripts were not that good and all around, I just had to moderate by hand, which is no easy task for a popular Web site of any shape or size.

When I moved to my own hosting account with WordPress installed, my battle with spam got a heck of a lot easier.

For me, 99% of my spam and trackback spam is filtered out by the Askimet WordPress plugin. If Askimet doesn’t do it for you, or you need even more protection though - I have a few suggestions.

Spam Karma 2 - This plugin works by running all of your comments and trackbacks through a list of tests, and then grades it by “karma”. It also has a few other spam prevention tools built in as well. If Askimet wasn’t working for me, this would be my number two choice.

Comment Timeout - This neat tool allows you to turn commenting off for older posts. Chances are if they haven’t added a comment in a year, they never will. This will leave less holes for spammers to find to post their “v1agra” loving messages.

Bad Behavior - Bad Behavior is a set of PHP scripts which prevents spambots from accessing your site by analyzing their actual HTTP requests and comparing them to profiles from known spambots.

One word of caution, don’t go overboard with spam filtering or you are going to piss off your readers. If they have to jump through 20 hoops to post a comment and so that you can say you get no comment or trackback spam, you are not going to see too many new comments on your Web site.

You need to find the thin line between filtering crap and keeping comment posting easy for your readers.

Need more? Check out this list of anti-spam plugins via the WordPress Web site. The list looks a little out of date with some of the links, but should be a good place to get started at least.

Related Posts

Bookmark and Share  

Filed Under: Web Development on April 11, 2007 at 8:22 am

Comments and Feedback

Quix0r said on April 11, 2007 @ 10:26 am

Additionally add forbidden fields with names like “some_url”, “bla_homepage”, “foo_email”, “bar_name”. Stupid spammers will tell their bots to fill out fields with names like the suffixes above (url, email, name, homepage). I have tried it here and a half of all spams has filled out such forbidden fields. :) The other half got stopped by a verification code (MD5 checksum) and authorization code in the URL like wp-comments-post-xxx.php.

Sure, this requires mod_rewrite… ;)

Mitch said on April 11, 2007 @ 10:42 am

Hey Quix0r, I just had a look at your “plugin in progress” and I have to say I am pretty impressed. I have definitely subscribed to your RSS feed and look forward to the “public-ready” version to come out.

Quix0r said on April 11, 2007 @ 12:39 pm

Well, I currently have to find a bug in my plugin. :-/ It happens when you have installed SK2 and enabled the SK2-plugin. Even with a valid key my plugin “thinks” your key is not set or invalid length… :(
Okay, have you found the CPR-Feed? Then you will get latest postings only around my CPR plugin.

Quix0r said on April 11, 2007 @ 2:18 pm

Btw: Do you have a feed for comments? I have only found a feed for postings.

Mitch said on April 11, 2007 @ 2:29 pm

Yes, I think that is the one I picked up. No, don’t believe I have the comment feed going anymore to cut down on the number of feed confusion. Might have to think about getting it added back though. :)

Quix0r said on May 6, 2007 @ 10:54 am

Okay, I have located the bug and released 2.0-FINAL1. :) If you like, come around to my blog and download it. It is currently stopping 99.85% of all my comment spam. Against trackback spam I use a little patch which I have found somewhere in the blogsphaere.

Dedicated Server Hosting provided by FastServers.Net
Mitch Keeler © 2008 - In Mitch We Trust!
Sitemap | RSS Feed | Privacy Policy | Go to Top