Stop WordPress Spam Comment in Ninja Style

WordPress spam, Comment spam, Registration spam - These are the most common questions. I even saw people to use a lot of plugins or premium services to fight with WordPress Spam Comment.

As like others WordPress users, I also facing this spam comment and its bothering me a lot. Few years ago I developed and released a WordPress Spam block plugin. But latter I removed that as this could be done by WordPress default setting and some others tweaking.

I was happy with my One year without WordPress Spam protection plugin, but last few months again war has began with WordPress spam comment.

So, I did bunch of research, applied some custom settings and code to see what actually works. And Probably I got the success to protect spam.

Most popular WordPress related blog like WP Tavern, Smashing Magazine, Torque etc also suffer spam comment problem.

Okay enough Talking, now lets move on to stop spam comment. And yap, as I said in Ninja Style.

Stop WordPress Spam Comment in Ninja Style

There are a lot of WordPress Free and Premium plugin available to fight against Spam comment. I am not going to suggest you to install each and every plugin to increase your WordPress website loading time.

Akismet

Akismet is a most strange and popular advanced anti-spam services available from company name Automattic. This plugin is using by millions of user, even you may say it has been installed with every installation of WordPress.

Its not so hard to install and activate Akismet plugin. But to use it full features, you will need an Akismet.com API key. Dont worry, they had Free personal use package with others premium package. Here is the awesome easy step to enable Akismet:

• Sign up for Akismet account or log in to an existing one
• Get your API key
• Navigate to Settings -> Akismet
• Paste the API key
• Ah, be cool and let the plugin fight spam for you

Note that, Akismet has an option to silently discard the worst and most pervasive spam. I turn it one and save lot of times. You also may try it.

Tweaks in Discussion Settings

Now its time to check WordPress default Comment settings. Depending on your site you can escape few settings as I used for mine.

You also can disable comment by unchecking the allow people to comment on new article terms. Also you can control how you are going to treat your site comment which has too many links. I used 0 to check each comment which has links inside.

Also if your site don’t get a lot of comments, it probably a good practice to schedule all the comments for manual approval. Because if Akismet cant detect the spam comment, manually you may check and marked as spam.

Stop comments with Black List Words

If you search on Google to find out spam words for email, comments then you will get thousands of results. But Its a good practice to check each spam comment you got to get those words list. Because as much your blog will be popular, your site spam comment will be increased.

After researching on my site spam comment and some other site, I made a list of some Black list words which used to do spamming. Here is the list:

4U
Claims you are a winner
For instant access
Accept credit cards
Claims you registered with Some Kind of Partner
For just $ (some amt)
Act now! Don’t hesitate!
Click below
Free access
Additional income
Click here link
Free cell phone
Addresses on CD
Click to remove
Free consultation
All natural
Click to remove mailto
Free DVD
Amazing
Compare rates
Free grant money
Apply Online
Compete for your business
Free hosting
As seen on
Confidentially on all orders
Free installation
Auto email removal
Congratulations
Free investment
Avoid bankruptcy
Consolidate debt and credit
Free leads
Be amazed
Copy accurately
Free membership
Be your own boss
Copy DVDs
Free money
Being a member
Credit bureaus
Free offer
Big bucks
Credit card offers
Free preview
Bill 1618
Cures baldness
Free priority mail
Billing address
Dear email
Free quote
Billion dollars
Dear friend
Free sample
Brand new pager
Dear somebody
Free trial
Bulk email
Different reply to
Free website
Buy direct
Dig up dirt on friends
Full refund
Buying judgments
Direct email
Get It Now
Cable converter
Direct marketing
Get paid
Call free
Discusses search engine listings
Get started now
Call now
Do it today
Gift certificate
Calling creditors
Don’t delete
Great offer
Can’t live without
Drastically reduced
Guarantee
Cancel at any time
Earn per week
Have you been turned down?
Cannot be combined with any other offer
Easy terms
Hidden assets
Cash bonus
Eliminate bad credit
Home employment
Cashcashcash
Email harvest
Human growth hormone
Casino
Email marketing
If only it were that easy
Cell phone cancer scam
Expect to earn
In accordance with laws
Cents on the dollar
Fantastic deal
Increase sales
Check or money order
Fast Viagra delivery
Increase traffic
Claims not to be selling anything
Financial freedom
Insurance
Claims to be in accordance with some spam law
Find out anything
Investment decision
Claims to be legal
For free
It's effective
Join millions of Americans
No questions asked
Reverses aging
Laser printer
No selling
Risk free
Limited time only
No strings attached
Round the world
Long distance phone offer
Not intended
S 1618
Lose weight spam
Off shore
Safeguard notice
Lower interest rates
Offer expires
Satisfaction guaranteed
Lower monthly payment
Offers coupon
Save $
Lowest price
Offers extra cash
Save big money
Luxury car
Offers free (often stolen) passwords
Save up to
Mail in order form
Once in lifetime
Score with babes
Marketing solutions
One hundred percent free
Section 301
Mass email
One hundred percent guaranteed
See for yourself
Meet singles
One time mailing
Sent in compliance
Member stuff
Online biz opportunity
Serious cash
Message contains disclaimer
Online pharmacy
Serious only
MLM
Only $
Shopping spree
Money back
Opportunity
Sign up free today
Money making
Opt in
Social security number
Month trial offer
Order now
Special promotion
More Internet traffic
Order status
Stainless steel
Mortgage rates
Orders shipped by priority mail
Stock alert
Multi level marketing
Outstanding values
Stock disclaimer statement
Name brand
Pennies a day
Stock pick
New customers only
People just leave money laying around
Stop snoring
New domain extensions
Please read
Strong buy
Nigerian
Potential earnings
Stuff on sale
No age restrictions
Print form signature
Subject to credit
No catch
Print out and fax
Supplies are limited
No claim forms
Produced and sent out
Take action now
No cost
Profits
Talks about hidden charges
No credit check
Promise you …!
Talks about prizes
No disappointment
Pure profit
Tells you it’s an ad
No experience
Real thing
Terms and conditions
No fees
Refinance home
The best rates
No gimmick
Removal instructions
The following form
No inventory
Remove in quotes
They keep your money — no refund!
No investment
Remove subject
They’re just giving it away
No medical exams
Removes wrinkles
This isn’t junk
No middleman
Reply remove subject
This isn’t spam
No obligation
Requires initial investment
University diplomas
No purchase necessary
Reserves the right
Unlimited
Unsecured credit/debt
We honor all
Will not believe your eyes
Urgent
Weekend getaway
Winner
US dollars
What are you waiting for?
Winning
Vacation offers
While supplies last
Work at home
Viagra and other drugs
While you sleep
You have been selected
Wants credit card
Who really wins?
Your income
We hate spam
Why pay more?

Disable HTML in WordPress Comment

As you know that we can use HTML tags inside WordPress comment. Spammer use this facility to add spam comment. They use HTML link tag to link their site or content. You can turn it off using a few lines of code. Copy code from below and paste into your site functions.php file and save it:

function shameem_comment_post( $incoming_comment ) {
$incoming_comment['comment_content'] = htmlspecialchars($incoming_comment['comment_content']);
$incoming_comment['comment_content'] = str_replace( "'", ''', $incoming_comment['comment_content'] );
return( $incoming_comment );
}
function shameem_comment_display( $comment_to_display ) {
$comment_to_display = str_replace( ''', "'", $comment_to_display );
return $comment_to_display;
}
add_filter( 'preprocess_comment', 'shameem_comment_post', '', 1);
add_filter( 'comment_text', 'shameem_comment_display', '', 1);
add_filter( 'comment_text_rss', 'shameem_comment_display', '', 1);
add_filter( 'comment_excerpt', 'shameem_comment_display', '', 1);

Remember, you must need to disable ping backs and trackbacks from WordPress default comment setting options as shown earlier.

Remove URL field from WordPress Comment form

A great and main reason a spammer post spamming comment is to get link back from your site. To me best and right way to stop WordPress Spam comment is to remove URL field from comment form. You can do it very easily using some lines of code. Copy code from bellow and paste in your functions.php to remove URL field from WordPress comment form:

add_filter('comment_form_default_fields', 'remove_url');
 function remove_url($fields)
 {
 if(isset($fields['url']))
 unset($fields['url']);
 return $fields;
 }

Disallow comments which coming from other sources

Trust me, Spammers are really smart. They will use different kind of tactics and techniques to get what they want. They can send comment from others sources like using software, apps etc.

To stop spam comment in WordPress which don’t come from your site, you will need to update your .htaccess file with some customization:

RewriteEngine On
RewriteCond %{REQUEST_METHOD} POST
RewriteCond %{REQUEST_URI} .wp-comments-post\.php*
RewriteCond %{HTTP_REFERER} !.*yourblog.com.* [OR]
RewriteCond %{HTTP_USER_AGENT} ^$
RewriteRule (.*) ^http://%{REMOTE_ADDR}/$ [R=301,L]

Dont forget to replace yourblog.com with your site URL.

Before changing any files, make sure you kept backup. Because anything may happen because of a small mistakes.

Block spam by restricting IP address

Though you can do it using some plugins, but why not to try without plugin? You can track and list some spammer’s IP and block in two way without plugin:

• Block IP using WordPress default Discussion setting
• Block IP using .htaccess file

You can block IP from WordPress default setting as it is pretty easy, just copy, paste and save. But using .htaccess file is bit complex. Actually not complex but world may be fallen down on your head if you do any mistakes.

• Navigate to .htaccess file and open it
• Copy and paste the code:

Order allow,deny
Deny from 88.136.129.110
Allow from all

• Change the IP address you wish to block
• Save changes

Stop Spam Comment using Plugin

As I mentioned at the beaning, I don’t like to use plugin for each and everything. But if you don’t want to do a lot of things to fight with spam, then you may try any plugin from bellow list:

• WPBruiser (formerly Goodbye Captcha)
• Anti-spam
• Anti-Spam by CleanTalk
• WangGuard
• Anti-Spam Bee
• WordPress Zero Spam
• Growmap Anti Spambot (GASP)

Fight against WordPress spam comment is an ongoing battle. You always have to keep eye on the spam comments, always have to update the method you are using to fight with spam comment.

Using my suggested method you can reduce the spam comment but not completely can remove it. Wishing you best of luck on WordPress spam comment battle.