Posted in Media, Publishing, Technology

How to choose the best method for preventing comment spam in WordPress

Everyone who is responsible for administering and managing a WordPress blog, web site, or publication that is configured to accept comments knows how massive the comment spam problem is. Fortunately, multiple solutions are available to fight it. In fact, there are so many solutions that before you install a plugin that is supposed to prevent spam, take a step back and consider what is the best strategy for your site to fight fake comments.

cartoon character sorting messages into in and out trays

Several types of plugins are available for WordPress that apply different methods for identifying spam, Installing a plugin is not the only option to solve the problem. In some cases, it is better to do something else. It depends on your site and what you want to achieve.

The principal reason for comment spam is that it is an easy and low-cost way to try and hack into a WordPress site, spread harmful links, or distribute ads for fake products. Spammers run programs that look for WordPress sites on the internet, and automatically post comments on the articles and pages that allow commenting.

Let’s analyze five main options for fighting comment spam in WordPress.

Install a plugin that can identify spam comments

The WordPress plugin directory features hundreds of plugins that have been designed to automatically prevent spam. The methods vary from sophisticated artificial intelligence –like systems that can learn from data they receive to simple tricks with hidden fields in the comment form.

The advantage of these software algorithms is that after initial setup, they really are automatic. They can identify spam (depending on the plugin’s capabilities, of course), drop it into the Spam folder and publish comments written by real people. The disadvantage is that false id’s are inevitable. Valuable remarks from readers may be thrown into the Spam folder where they disappear into a stack of hundreds fake comments. So, the site admin must regularly monitor the Spam and Published Comment folders, anyhow.

captcha challenge in WordPress comment form
Captcha image must be resolved before a comment is approved.

Install a plugin that requires users to take additional action (captcha)

A few years ago the world believed a cure for spam had been invented in Captcha. It is that mosaic image where you have to identify traffic lights or something else, or a few letters and numbers obscured with lines and dots. Plenty of Captcha plugins are available for WordPress. Beware, some of the Captcha-plugins send data from your site to Google or to the plugin developer for the program to work (Securimage-wp says it doesn’t leak data).

The good thing with Captcha is that it works. It stops spam. It stops many people from commenting as well, because the required extra action annoys them.

new WordPress comments waiting for approval
New comments waiting for approval or rejection.

Manually review every new comment

This is how we start with comments on a new WordPress web site: (in the WordPress admin panel) in Settings-Discussion-Before a comment appears, we check the box for Comment must be manually approved.

Then, we monitor how bad the spam problem for the site is. If it is not bad, we continue with the manual approval process, but if it becomes bad, we choose a tool to fight it. When manual approval is live, please check the comment queue as often as you can. Nothing infuriates people more than their thoughtful remark sitting in the approval queue for days.

Let an external system manage comments instead of WordPress

Years ago, we administered Drupal web sites. At the time, spam problem was already strongly growing, but we discovered Disqus as the perfect solution to prevent it. Disqus is still doing the same thing it was doing then: it manages the entire comment system for a web site (also for WordPress). There are other similar services, but this is the one we used.

The best thing with Disqus was that it just works. It is perfect. The site admin doesn’t have to worry about spam after the initial setup. The not-so-perfect thing we discovered later after we had migrated to WordPress was that all comments were stored in Disqus databases. Our shiny new WordPress site had all the fabulous articles and pages, but no comments.

Close comments altogether in WordPress, and have conversations in social media only

Social media services, like Twitter, Pinterest, and Reddit can bring visitors to a web site if a piece of content or only a link to an article is circulating in appropriate channels.

We are administering a WordPress site where the last comment was submitted months ago. Before that, commenting on the site was frequent. Discussion moved to Twitter. The title of every new article with a link to the site is automatically posted on Twitter once published. That’s where readers find it, and that’s where they want to discuss about it. The writers who produce the content have to be active on Twitter as well.

The best anti-spam solution for WordPress

It depends on the web site and objectives of the owner of the site what is the best solution to fight WordPress comment spam. For instance, we are using two of the introduced strategies on two different sites and are considering deploying the third strategy (close comments and interact on social media) on another site soon.