I’m often quite amazed when I see so many posts on the WordPress.org forums asking how to combat spam. When I ask what steps have been taken so far, the reply is often “OMGWTFBBQLOLLERCOPTER I am being inundated with hundreds of spam comments I haven’t done anything make it stop WordPress!!!!” And I get it, spam is pretty annoying! Also, sometimes it’s easy to forget that some people are brand new to running a site on the internet and don’t even know what questions to ask to get the result they need. So here is a real simple bit of information to get you started down the spam fighting road.
There are literally hundreds of options and solutions for fighting spam. I’m going to preface my information by telling you that nothing is 100%, but we can stem the influx of spam a good deal. The first thing we do is turn on Akismet. I linked to the plugin for info, but I really didn’t need to. The reason? It ships with WordPress! You already have it! Go to your list of plugins and turn it on! That alone will help considerably. It will keep spam from appearing live on your site, it will go to a spam queue instead where you can look it over and delete it. Akismet isn’t perfect, but you can help teach it by marking spam it doesn’t catch as spam. We all contribute to it’s effectiveness. One thing to note, you will need to register for a wordpress.com account to get your key to activate it. No problem, .com accounts can be helpful for other things too like activating the increasingly cool jetpack plugin (but that’s another post).
Akismet is great, but there is an additional tool that is endlessly useful – my favourite in the spam fight. Everyone needs Cookies for Comments (CFC)! What’s it do? Well, the vast majority of spam you get is from spambots. They don’t technically visit your site, they just ping the url of your comment form and post their evil spam. CFC can detect this by using an image and a cookie on your post (don’t worry, the image isn’t visible). This little check makes sure that comments actually come through your comment form – most spam does not! You can set CFC to just discard these comments, which I do. Prior to activating CFC I was getting tonnes of spam comments in my akismet queue daily. After CFC, I see maybe 1 or 2 a week.
That is honestly it for the true basics in combatting comment spam on WordPress. Those are the only 2 plugins I use, and I am completely happy and see very little spam. You can go a little further if you want to – I doubt you will need to though.
If you run a forum or a really active site, you might garner the repeat attention of certain persistent spammers. You can bust out your ban hammer in situations like this. This lets you get granular in your spam fight, blocking specific emails. You can keep these folks off your site!
And finally comes the big guns. I’m talking about Bad Behavior. This is pretty darned powerful and can really help in your fight. But be careful, you can really block out a lot of good traffic too. I had used this plugin on VoodooPress before, but found it was a bit too much and was getting in the way of my forum traffic.
There you have a basics of getting started fighting spam. As I said, nothign is perfect, but these tools can keep you from going crazy! I just use the first 2 plugins on all my sites – Akismet and Cookies for Comments. That combination alone keeps me quite happy and keeps everything manageable.
What do you think? This was just meant to be a ‘basics’ discussion, but do you use anything else to fight spam? Do you run into problems blocking good traffic?