July 31, 2014

If you have a WordPress blog, you will get comment spam. WordPress comment threads can become a mess of nonsense comments and link spam. Luckily there are tools available that will take care of the great majority of comment spam. Bloggers will still have to keep an eye out as both false positives and false negatives can occur. But with a few quick and easy steps, your comments section will be much cleaner.

Where do WordPress Spam Comments Come From?

The most common motivation for comment spamming is a practice known as black hat link building. Black hat link building refers to bots posting links to sites in order to boost those sites’ performance on search engine results pages (SERPs).

Google, along with other search engines, uses the number of incoming links for a page or domain as criteria for ranking sites in search engine results pages. The more incoming links a site can rack up, the higher that site will rank on relevant SERPs. Thus, comment spammers use automatic botnets to seek out open comment threads that they can use to create more links. This doesn’t always work since Google has become smarter at figuring out what’s spam and what’s not. Also, WordPress comment links have nofollow meta tags on by default, but that doesn’t stop spammers from trying.

Other motivations for WordPress comments spam include advertising scammy job offers (i.e., “my friend made a million dollars in five minutes working from home”), publicizing related blog articles, and directing users to malware-infected sites.

Obviously, we don’t want anything like that appearing on our blogs, so what can we do about it?

How To Stop Spam Comments On WordPress

Use A Plug-in Like Akismet

When you first install WordPress, you’ll have a plug-in called Akismet installed out-of-the-box. Akismet is a comment spam blocking plug-in from Automattic, the company behind WordPress.com. Akismet is an intelligent spam blocker that works by compiling a database of all comments marked as spam among its user base, which is huge. It will catch most automated spam posts.

Akismet isn’t activated by default, so you’ll have to go to the Akismet site to get an API key, but it’s well worth the five minutes that takes. It’s guaranteed to save you a lot of time in the future. Akismet is certainly not the only spam blocking plug-in available to WordPress site owners. We’ve just chosen to feature it here since it comes installed already.

Built-in Comment Moderation

Comment moderation is another free feature available to site owners that will help stop spam comments. WordPress comes with a number of these tools. They can be found under the “Settings” menu in the Admin Sidebar. Choose the “Discussion” submenu, then scroll to “Comment Moderation”.

Here, you’ll be able to limit the number of links that a comment can have before being dropped into moderation. On a low-traffic blog, we suggest that you capture every comment with a link for approval. On a high-traffic blog with active comment threads, that would be time-consuming and annoying for commenters, so we recommend leaving it on two links, which is the default. Spam posts will probably get through, but you have to balance moderation time, the inconvenience to commenters of holding up their posts, and the risk of some spam appearing.

Here, you can also block words that are associated with spam. This can be useful, but you need to be careful not to cast too broad a net.

Restrict Comments To Registered Users

WordPress has built-in capabilities to restrict commenting to logged-in users, but I prefer to use the Social Login plug-in, which will allow commenters to validate themselves with their social media credentials. This will allow more legitimate users to make comments while still restricting many spammers who can’t or won’t offer social media verification.

Reducing WordPress Spam

WordPress comments spam isn’t going anywhere, but WordPress users can limit the amount of moderation they have to do to keep their comments clear with these straightforward techniques.

If you’re a WordPress site owner with optimized web hosting needs, contact us today for fully scalable plans and services.


Nexcess, the premium hosting provider for WordPress, WooCommerce, and Magento, is optimized for your hosting needs. Nexcess provides a managed hosting infrastructure, curated tools, and a team of experts that make it easy to build, manage, and grow your business online. Serving SMBs and the designers, developers, and agencies who create for them, Nexcess has provided fully managed, high-performance cloud solutions for more than 22 years.

We use cookies to understand how you interact with our site, to personalize and streamline your experience, and to tailor advertising. By continuing to use our site, you accept our use of cookies and accept our Privacy Policy.