Blogging

How to Stop Spam Comments for GOOD!

I’ve been asked a few times and seen an array of tweets about people having issues with comment spam on their WordPress blogs, even when they’re using tools such as Akismet to try (mostly fruitlessly) to prevent spammers from getting their comment through to the blog or even just the Pending queue.

My blog┬áliterally has literally had 0 spam comments, ever. That’s not including manually created comments done by people to try and break past my relentless commentluv barrier but I’m very picky when it comes to allowing comments through onto my blog, I loose a good chunk of around 25% of my comments each day due to me disliking the tone etc… (Apologies in advanced for anybodies who doesn’t get accepted).

The one spam comment that is currently sitting in my qeue though, isn’t even a spam comment:

spam comment aka not spam 637x125 How to Stop Spam Comments for GOOD!

The Plugins Setup -

I have a few different plugins I use and I suggest having all 3 enabled and configured correctly for optimal spam stoppage!

Akismet

The standard WordPress comment stop-a-spammer plugin that’s built into every WordPress installation. Just grab an API key, activate Akismet in your WordPress plugins folder, insert the API key and bobs ya uncle!

akismet stop spam 637x221 How to Stop Spam Comments for GOOD!

Akismet is just an identifier, it’ll look for specific comments that tick the criteria of a spam comment and push them into the comment box. This is our almost last layer of protection vs spam comments compared to the other plugins we’ll be using.

Growmap Anti Spambot Plugin

Growmap is made by the same guys who make CommentLuv, which surprisingly enough I also have on my blog. It’s the “Confirm you’re not a spammer” box you might say plastered around various blogs. This is meant to stop software like ScrapeBox and No Hands SEO from being able to submit comments to your box and tends to work very effectively, especially vs the likes of timeout scripts.

growmap anti spambot plugin 637x522 How to Stop Spam Comments for GOOD!

Growmap offers a ton of options to further protect your blog, here’s my quick Growmap step by step tibbits:

  1. Change the CheckBox Name Weekly (This stops any bots that have picked up on it from being able to access it again)
  2. Disallow All Tracbacks, these are pretty pointless and when you’re trying to optimize a site why you want 2 way links?
  3. Change the CheckBox Label, this is so bots that are “clever” won’t pick up on the plugin’s default nature that spammers have targeted.
  4. Make sure User Refer Check is Ticked
  5. Make sure you have a maximum of 6 allowed comments in the queue.

AVH First Defense Against Spam Plugin

AVH is a plugin that not many know about and hardly any use. It’s created by the guy behind the Stop Forum Spam plugin so is mainly used on Forums and not on blog comment spam blacklists. This pulls in data from all over the place so people who have been spamming from 100s of different proxies won’t be able to even access the comments of your blog and when they try to post will be immediately blocked.

avh spam access denied How to Stop Spam Comments for GOOD!

If any comments do get through, you always have the option to report for spam and add it to the blacklist on the SFS database, which means you’re helping the rest of the community using this plugin and making the internet less spammy in general.

spam stop 637x182 How to Stop Spam Comments for GOOD!

This means you’ll be improving the community behind SFS, banning someone from your website from ever commenting again and saving the net from spam, 1 little IP at a time!

OnPage Tips/Tricks -

These aren’t the quick and easy install a plugin type tricks and some I don’t recommend if you don’t know your way around the technical sides of CMSs, otherwise get a friend who does and get them to do it for you!

Modify your .htaccess

This is super easy and really helps make your site more secure from both spam and hackers crawling bots.

Prevent Comment Spammers with .htaccess

Just add this to your .htaccess file and replace the “youurl” with your blogs URL (e.g. godofseo.co)

# Protect from spam bots
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{REQUEST_METHOD} POST
RewriteCond %{REQUEST_URI} .wp-comments-post\.php*
RewriteCond %{HTTP_REFERER} !.yourwebsite.com.* [OR]
RewriteCond %{HTTP_USER_AGENT} ^$
RewriteRule (.*) ^http://%{REMOTE_ADDR}/$ [R=301,L]
</IfModule>

Ban the Spammers IP Address -

This is simple and you can just add new IPs or even IP ranges to the list -

# block ip
order allow,deny
deny from XXX.XXX.XX.XXX
deny from XXX.XX.XXX.XX
deny from XXX.XX.X.XX
allow from all

This’ll disallow any of those IP addresses from visiting your site.

Well it Works -

I use these 3 plugins across all of my blogs and they genuinely work really nicely, along with the extra tricks, your blog will be protected easily.

Try it for yourself and post your results in the comments section below, and if you have any tips or plugins you use, don’t forget to share them below and we can slowly eradicate the annoyance of spam as dedicated blog owners.

charlesfloate How to Stop Spam Comments for GOOD!
Charles Floate is an SEO Engineer at WoW Internet and the writer of God of SEO, an Internet & Search Marketing blog specializing in Link Building. Charles has over 5 years experience in the SEO Industry.
charlesfloate How to Stop Spam Comments for GOOD!
charlesfloate How to Stop Spam Comments for GOOD!

Latest posts by Charles Floate (see all)

You Might Also Like

Comments are closed.

10 thoughts on “How to Stop Spam Comments for GOOD!

  1. Hi Charles

    a couple of points. your God of SEO site has people using your commenting system to post links back to their site in quite an obvious way. Also, you do a heck of a lot of blog spam, i.e. your ranking for rand case study, you apologised to all those blogs you spammed.

    A bit cheeky writing this article me thinks ;)

    1. Never seen Catch Me If You Can? If he’s been doing it, then he probably has better advice on how to stop it from happening. Just my thoughts.

  2. Hi Charles,
    Have you tried the new commentLuv Antibacklink plugin?
    Looks like that works with a bunch of options to kick out unwanted comments . That’s the only one I have now and I’m almost 100% comfortable with it

  3. This article is really informative for blocking spam. In the wordpress , the last part is informative as spammers ignore all plugins (infact they say hi hi to those plugins) and goes to directly the page wp-comments-post.php.
    Or I think so. I have tried lot of plugins to stop spam, but there was no use as the spam was keep on coming. Onetime they injected 35k comments to slow down the website.
    Finally I removed the file “wp-comments-post.php” and the spam stopped.
    I reinstalled the file after adding the following code at top of wp-comments-post.php. After wards upto now there is no spam problem for me. Who knows how many months it will work??

    What it does, It just check who is the referrer, and if the referrer is not your domain, it exit the page with a message. You can cut and past this in your browser and you will see that the script is working
    http://snydle.com/wp-comments-post.php

    I still could not understand why wordpress folks not implemented something like this?? May be they are more interested in selling Akismet.
    I am posting this here hoping that some php expert will look to this and post a reply, as I am not expert in PHP scripts

    Regards
    Sajith

  4. Code is here it is php

    $ref= $_SERVER['HTTP_REFERER'];
    $domain = $_SERVER['SERVER_NAME'];
    $result =strpos($ref, $domain);
    if ($result === false) {
    echo “thanks for visiting me. Anyway no donut for you now”;
    exit;
    }

  5. Hi Charles,

    I appreciate your post… good timing. We’ve always used Askimet to filter spam, but on some of the sites we maintain something more robust is required. I have downloaded the other two and we shall give that a go.

    - Cole

  6. The php code I have added on the post did not show up in the commend. I think the server deleted it since it has seen < ? php. So I have again posted it. Can you please append it with older comment or approve it?

    $ref= $_SERVER['HTTP_REFERER'];
    $domain = $_SERVER['SERVER_NAME'];
    $result =strpos($ref, $domain);
    if ($result === false)
    { echo "thanks for visiting me. Anyway no donut for you now";
    exit;
    }

    regards
    thank you
    Sajith

  7. Hi,

    If you’ve not tried, then check out G.A.S.P plugin By Andy Baily. I’m using it on my blog with Premium CommentLuv.

    Btw: Akistmet is nice one plugin to stop comment spam. I liked the provided code for .htaccess file.

    Thanks for sharing!

  8. Great post Charles. Particularly liked the comment by Sajith regarding the hack involving wp-comments-post and htaccess, that is well done.

    Also would like to point out I am seeing an increasing amount of spammers using registered and verified Gravatar accounts to post spam. By using a registered Gravatar account with photo, it makes it more “approve worthy” to webmasters scanning the queue for legit posts.

    See: http://i.imgur.com/MXrZiwS.png

    I see SEJ also uses the Grownmap anti-spam plugin. Great plugin, but doesn’t work as good as it used to. I particularly saw an increase after WP 3.6 for some reason. Either way I used to get about 1000 spam comments a day now I am down to a dozen which is perfectly acceptable to me.

  9. I think it is very difficult to edit .htaccess. I am looking for best spam and IP blocking plugin who will be more helpful for my blog.