Blogging Tip: Simplify Your WordPress Anti-Spam Efforts

If you're a blogger, you probably get more than your fair share of blog comment spam. This can include anything from robots to bad SEO professionals spamming you for backlinks to trackback spam.

You have a few options to deal with them:

You can let them go live on your site. (Ick!)

You can moderate all comments manually.  (But why?)

You can implement intrusive captcha-style spam prevention. (You know, that's the hard to read scrambled letter mishmosh thing that annoys the hell out of pretty much everyone.)

Or you can use a "cleaner" WordPress anti-spam plugin that gets the heck out of the way and lets your visitors comment easily while eliminating spam invisibly behind the scenes.

"Clean" WordPress Anti-Spam Plugin Options

If you use WordPress, you're probably familiar with Akismet. I used it for years, thinking it was fantastic. Then I found out some readers' comments weren't getting through. They weren't being filtered into my spam folder either. They weren't getting to me at all. While I can't say if they still have this issue, I decided then and there to leave Akismet behind.

I moved on to another popular WordPress anti-spam plugin. It wasn't completely invisible to readers, but it was still better than using a captcha. The problem? Several months ago I noticed a huge increase in spam. We're talking about hundreds of spam messages getting through to the moderation queue. Every. Single. Day. (I only moderate first comments, which helps prevent things like this.) It was happening to others using this plugin too.

It appeared that some spammer automated attacks against users with this plugin installed. But it also seemed to be filtering attacked sites in some way (out of more than a dozen sites where it was installed, only my sites above a certain PageRank were targeted). Nothing was done about it, so I had to move on again.

That's when I came across this little lovely -- Anti-Spam by Webvitaly. (The name couldn't get any clearer than that, right?) I installed the plugin here, and Hallelujah!, those hundreds of daily spam comments stopped immediately.

Better yet, I don't even have to clean out my spam box every day anymore because these aren't filtered there. They never get through in the first place. I've since installed the plugin on all of my other active blogs and, like magic, I've saved a good 20-30 minutes a day not dealing with the mess the last plugin attracted.

So if you ever find that your WordPress blog is being slammed by automated spam, please check out this anti-spam plugin. We could all use one less headache when it comes to managing our blogs.

Profile image for Jennifer Mattern

Jennifer Mattern is a professional blogger, freelance business writer, consultant, and indie author. She runs numerous websites & blogs including All Freelance Writing, Freelance Writing Pros, NakedPR, and Kiss My Biz.

Jenn has 25 years' experience as a professional writer and editor and over 20 years' experience in marketing and PR (working heavily in digital PR, online marketing, social media, SEO, new media, and thought leadership publication). She also has 19 years' professional blogging and web publishing experience (including web development) and around 18 years of experience as an indie author / publisher.

Jenn also writes fiction under multiple pen names and is an Active member of the Horror Writers Association.

Subscribe to the All Freelance Writing newsletter to get freelance writing updates from Jenn in your inbox.

12 thoughts on “Blogging Tip: Simplify Your WordPress Anti-Spam Efforts”

  1. I’m very open to this plugin Jenn. You haven’t had any problems with legit comments being excluded?

    I still use Akismet. I also briefly had a problem about 3 years ago with legit comments not even appearing, but it’s worked fairly well since then.

    I briefly scan the Spam comments every couple of days. The only ones I look at are those that have a gravatar, and it’s only once a month or so that I actually approve one of those.

    My only significant problem is with really lame comments. Someone takes the time to manually fill out the comment form, but the comment either doesn’t show they’ve actually read my post, or it vaguely refers to one small part of the post but says nothing helpful. I think they do it because they somehow think it helps their SEO. It doesn’t.

    • I haven’t had any reason to suspect that’s happening. If I hear from someone that their comments aren’t getting through, I’ll certainly update this. 🙂 We’ve actually had more comments after the change, and it doesn’t seem to be preventing anyone from posting.

      For the manual spam, these kinds of plugins won’t do much. But simple filters in WordPress can be a big help, especially if you notice a trend where the spam is focused on a certain niche.

  2. Good tips, thanks! But, Anti-Spam doesn’t work with JetPack, which many WordPress users have installed. I like Conditional Captcha because it only serves a captcha when Akismet identifies a comment as spam. Legitimate users therefore never see the captcha. Plus, the Conditional Captcha plugin optionally uses Google’s reCaptcha, which helps to digitise texts. I realise you don’t like Akismet, though, but I’ve never had a problem with it…

    One last tip would be to install the Wordfence Security plugin since you can block persistently annoying IP addresses individually or at a network level.


    • The problem with Akismet is that bloggers who were having problems with it had no idea they were having problems with it. The vast majority of commenters won’t tell you, especially if they’re new. They stop by, comment, and assume it’s in a moderation queue. But you would never actually see the comment. It wasn’t until a long-time reader and colleague who knew me personally had their comments killed. They commented (or tried to) often enough to realize something strange was going on, and because they knew me and knew I had no reason to censor their comments, they reached out. Most would never do that. And because other comments still came through fine, I had no reason to suspect anything was wrong. So yeah, relying on Akismet for any kind of filtering is out of the question for me.

      I’ve heard great things about Wordfence Security, and I know they have other features that make it worth considering as well. But out of curiosity, can its IP filtering do anything in particular that WP’s built-in filtering can’t? Sadly I come across bloggers all the time who don’t even realize it exists.

      • Sorry, I didn’t see your reply before! I’ve lately come across a few other issues with Akismet which I’m still looking into, so I may indeed start looking for a solution that doesn’t include them. However, I’m loving Wordfence more and more all the time. Have you tried it yet? In regards to comments, it’s got a few advanced options, such as holding anonymous comments using member emails for moderation and filtering comments for malware and phishing URLs. To answer your question about its IP blocking options, oh yes! There are multiple blocking options:
        -on the login page (customizable)
        -for fake Google crawlers
        -based on 404s for known vulnerable URLs
        -based on paged views and/or 404s generated in a given time period (customizable)
        -based on specific URLs
        -manually per IP address
        -per IP address range
        -per country
        -for IPs that send POST requests with blank user-agent and referrer
        Plus you can whitelist specific IPs and usernames so you won’t accidentally block yourself.

        • I’ve tried it and it didn’t work well for me. The site slowed down significantly. A lot of security and caching plugins have compatibility issue with larger plugins I use (which aren’t optional for this site).

          I very rarely seem those kinds of comments come through because they’re usually automated (meaning Anti-Spam blocks them before they even get to submit to the site for review). And WP’s existing block options for email addresses, ips, etc. seems to take care of the few bad apples I run into. So it looks like I’m pretty well covered with current setup.

          Thanks for taking the time to tell us more about Wordfence though. That might come in very handy for other readers here! 🙂

  3. Very nice and wise collection of words to describe the importance of anti-spam plugins.
    I am running a video website. And when I started it, the Akismet was already installed. I want to ask is it necessary to install more anti-spam plugins to protect my website. I mean, professionally how many anti-spam plugins should be installed if you want 100% protection.

    • If your plugin does its job, you should only need one. But I don’t recommend Akismet. They have a history of “eating” legitimate comments (and you’ll never know it’s happening to you unless a reader contacts you privately about it). A honey pot plugin like webvitaly’s Anti-Spam plugin is more than enough for the majority of WP sites. And as an added bonus, it doesn’t require real commenters to do anything at all — no clicking checkboxes, no filling out captchas, etc.


Leave a Comment