No matter how popular your blog is, the amount of spam a website receives is often proportional to how many visitors the site has. The internet is a posting platform, and people write scripts that helps post their “great services” anywhere and everywhere. These usually come in the form of comments for WordPress websites. You are not alone though; any site that attracts people and invites interaction will draw spam bots.
Luckily there are a few ways to combat this. There are plugins and plugins and more plugins that claim to stop spam. I’ve tried soo many, it’s ridiculous. Before you jump right to a plugin, let’s look at the site’s purpose and decide if we even want to allow comments. Are you actively trying to have visitors interact with your post? Most people are posting small promotional items about their business, and allowing comments won’t make or break the information in the article. Now if your aim is to set up a true blog and interactive forum for people to discuss topics, then yes, it’s time to power up because you need to go on spam offensive.
Here is a handy little trick to stop spam from bots. Warning, this is editing your blog’s .htaccess file. Using some code in this file, you can tell the blog to not allow spam through the comments part of WordPress. So why the warning? If the code is pasted wrong this could cause your blog to show the WordPress white screen of death. It’s not hard to edit the file, and the benefits outweigh the risk.
First step is to use FTP to download your .htaccess file for a back up. Open it up in a plain text editor, and paste this code:
# Magic spam erase
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{REQUEST_METHOD} POST
RewriteCond %{REQUEST_URI} .wp-comments-post.php*
RewriteCond %{HTTP_REFERER} !.yourwebsite.com.* [OR]
RewriteCond %{HTTP_USER_AGENT} ^$
RewriteRule (.*) ^http://%{REMOTE_ADDR}/$ [R=301,L]
</IfModule>
Save your document and upload to your server. This should take care of the spam bots for the most part.
There is a plugin that typically comes default with WordPress called Askimet. This forces comments through a series of tests and checks before it’s allowed through. It is free for private blogs. You will need to signup for a key through Askimet. Once you have the key code entered into your plugin, your blog should be well protected.
Askimet Plugin
Askimet API Key
Want to go even further down the rabbit hole? What if you left comments to be handled by a third party off of your blog, but displayed them on your blog. The third party company would then need to combat the spam in order to deliver you something you want to display on your website. Meet Disquis. Using a service for community interactions as a blog comment filter on your website is a fairly new idea. This is a great service for blog comments and it easily integrates into your WordPress blog.