Stop Comment Spam from WordPress Blog Completely

by Hiroshi on 20-12-2009

WordPress comments spam is a big problem, but how can we stop, ban, block spam comments before they hit our WordPress blogs. There are many ways you can block, ban spammers from your blog. WordPress has got many plugins for this as well. Spammers hit blog using auto bot softwares and spam comments inwhich they through a lot of spammy URLs, links, irrelevant text. If you are able to block spam, you can significantly save bandwidth and do more instead of deleting all the spam you get accumulated daily in your moderation queue. Here are possible ways to block and combating spam.

Block Spammers Using .htacces File

You can collect frequent spammers IP and put them in .htaccess file to block them. Below is an example of the .htaccess code that can block the specified IP addresses from viewing the blog with support of wild card.

order allow,deny
deny from 123.123.123.123
deny from 156.156.156.*
deny from 189.189.*.*
allow from all
Deny Access to No Referrer Requests

When your readers comment, the wp-comments-post.php file is accessed, does its thing, and creates the post. The user's browser will send a "referral" line about this. When a spam-bot comes in, it hits the file directly and usually does not leave a referrer. This allows for some nifty detection and action direct from the server. If you are not familiar with Apache directives, then write the following in your root directory .htaccess file:

RewriteEngine On
RewriteCond %{REQUEST_METHOD} POST
RewriteCond %{REQUEST_URI} .wp-comments-post\.php*
RewriteCond %{HTTP_REFERER} !.*yourdomain.com.* [OR]
RewriteCond %{HTTP_USER_AGENT} ^$
RewriteRule (.*) http://%{REMOTE_ADDR}/$ [R=301,L]

This will:

  • Detects when a POST is being made
  • Check to see if the post is on wp-comments-post.php
  • Check if the referrer is in your domain or if no referrer
  • Send the spam-bot BACK to its originating server's IP address
Using PHP Code to Block

You can add this to the top of any PHP page, putting the actual IP address where the xxx or yyy are the IP to block.

<?php
$block = array("xxx.xxx.xxx.xxx", "yy.yy.y.yyy");
 
if (in_array ($_SERVER['REMOTE_ADDR'], $block)) {
    header("Location: http://google.com/");
    exit();
}
?>
Akismet WordPress Plugin

This plugin is very useful which scans every comment and extract possible spam and move them in separate group called spam. This plugin has been very much useful and a good solution for comment spam.

WordPress Comments Moderation

If you navigate to the WordPress Admin > Settings > Discussion, you will find comments settings there:

Comment Moderation will hold a comment in the queue if its not appropriate or it contains more than 2 links. Check moderation option for that.

WordPress Comments Blacklist

When a comment contains any of specified words in its content, name, URL, e-mail, or IP, it will be marked as spam. You will have to specify keyword or IP per line for that. Block IP addresses via the blacklist, it will move all such comments to the spam queue.

But that still means work for bloggers to screen for valid comments (unless you prefer to click "Delete all Spam", which will also delete any useful comments, and invite query from readers as to why you deleted their comments). Of course you can edit your .htaccess file to block some IPs, but how many times can you keep doing that manually?

Ban Spammers IP

Use WP-Ban, a very powerful WordPress plugin which helps you easily ban users by IP, IP Range, host name and referrer url from visiting your WordPress’s blog and prevent spam from ever reaching your comments. It will display a custom ban message when the banned IP, IP range, host name or referrer url tries to visit your blog. The Ban Stats can reveal valuable info about spam attempts and IP ban.

Go to WP-Ban

Caution: Do not block your own IP. Do not use wild cards to block a large number of IPs or domains carelessly or you could be blocking thousands of your own readers and search engine bots. If you simply block the IPs which occur too frequently in your spam comments, ban those IPs and see your spam reduce in minutes.

Get Free Software, Games and Computer Tips by Email

Related Posts

Tags: , , , , ,

Posted in: Security, Security News, WordPress Tips, wordpress
Post's RSS » RSS 2.0
Post's Comments RSS » RSS 2.0
Share it!
  • Print
  • Digg
  • del.icio.us
  • Facebook
  • Mixx
  • Google Bookmarks
  • email
  • LinkedIn
  • Live
  • MySpace
  • Netvibes
  • PDF
  • Reddit
  • Slashdot
  • StumbleUpon
  • Technorati
  • Tumblr
  • Twitter
  • Yahoo! Bookmarks
  • Yahoo! Buzz
  • Add to favorites
  • Share/Bookmark
 

9 Responses to “Stop Comment Spam from WordPress Blog Completely”

  1. Dec 30, 2009
    roulett Says:

    Great idea, thanks for this tip!

    ReplyReply
  2. Jan 16, 2010
    Harry Says:

    Damn, that sound’s so easy if you think about it.

    ReplyReply
  3. May 27, 2010
    tangologix Says:

    well great piece of info, thanks for posting , my blog was suffering spam comments man i tried and now it’s fine. thanks for post man , regards

    tangologix

    ReplyReply
  4. Jun 10, 2010
    nansyeartho Says:

    Bonjour, Charming to yoke you, I am Nancy

    ReplyReply
  5. Jun 11, 2010
    Nitesh Says:

    Nice Ideas . I will have to use it coz lots of spamming comments are coming in my jewelry site.

    ReplyReply
  6. Jun 13, 2010
    Best Wordpress Theme Says:

    Thanks for sharing such a nice information about this interesting topic. I am looking forward to save it and read it later on. Thanks

    ReplyReply
  7. Jul 28, 2010
    Angel Brumsey Says:

    Nice site man Thanks

    ReplyReply
  8. Jul 30, 2010
    Technovoid Says:

    Appreciate this info. Spamming is quite a problem for we bloggers. I will return to study more.

    ReplyReply
  9. Aug 17, 2010
    Adrew Says:

    This blog is awesome.

    ReplyReply

Post a Comment

Comment will appear here after approval, Thanks for patience