Welcome, Guest. [ Log In ]
Question   What is comment spam and how do I stop it?
Search KBase


Top 5 in this Area:
1. How do I set up a WordPress weblog on DreamHost?
2. What is comment spam and how do I stop it?
3. How do I upgrade / migrate an existing weblog to WordPress?
4. What should I put for "hostname" for my new mysql database?
5. Can I install multiple copies of WordPress in the same database?

 
What is comment spam and how do I stop it?
A relatively new and annoying spammer practice these days is to post comments on as many web logs as they can across the Internet, with links to their web site.

The reason they do this is primarily to attempt to up their search engine ranking by having lots of sites linking to them, and secondarily to possibly get some people visiting them through the links in the comments themselves.

Comment spam can come pretty fast and heavy with any new weblog, so here are some helpful tricks for fighting it:

  1. BEFORE you make your first post with WordPress, consider going to the "Options > Writing" area and deleting the "http://rpc.pingomatic.com" entry under "Update Services".

    (What the Update Services does is immediately announce to a dozen different "weblog aggregators" that you've made a post. Ostensibly this is to help get the word out about your new post so people you don't even know may read it. In reality, few real people browse new weblogs based on searches in a weblog aggregator, but PLENTY of spammers do. Within a few hours of your first post spammers will be beating down a path to your blog, trying to automatically figure out what comment spam techniques will work on your installation!)

  2. You can change your comment settings from the "Options > Discussion" area. From there you can require manual approval before any comment shows up, only comments with certain words (not a very effective long-term solution though), or turn off comments altogether.

  3. If you're a little bit more technical-minded there are lots of anti-spam plugins for WordPress you can try out listed at http://www.tamba2.org.uk/wordpress/spam/.
Finally, we have put a tiny little hack of our own in the wp-comments-post.php and wp-comments-popup.php files to try and prevent automated comment spam a bit. If you end up never getting any comment spam, it may be that that little hack was enough! :)

Last updated: Dec 17, 2004.

User Post (2006-01-10 11:16:37 by zesticle)
The newest version of WordPress (2.0) comes with the Akismet anti-comment spam plugin. You have to register an account at WordPress.com to use it, but it's free and it's awesome. Highly recommended.
User Post (2005-12-26 01:33:15 by jam_dan)
Spam Karma has _eliminated_ ALL comment SPAM for me.... I can't say with 100% certainty that it has kept all valid comments, but I have no reason to believe that it would block them. (I don't usually read the comments that it blocks... they are boring, mostly about online poker, viagra, etc.)....
User Post (2005-03-06 17:40:53 by macmanx)
A more complete list of anti-spam techniques (based off of the list linked to in the article above) is at:

http://codex.wordpress.org/Combating_Comment_Spam

This list is edited by the WordPress community. So, new plugins, hacks, etc. are added as soon as they are developed.
User Post (2005-02-20 15:13:04 by cstokley)
Another excellent option is Spam Karma (http://unknowngenius.com/blog/wordpress/spam-karma/).
User Post (2005-02-09 08:01:14 by mind)
Anyone tried using tarpit.php? It's designed to block known spammers and add a delay, but when I activate it, I can't log in to the management pages; instead, I get the "headers already sent" errors. I wonder if there are some Dreamhost incomptaibilities (I'm running the latest version).
User Post (2004-12-06 13:18:39 by jfontana)
Folks, there are many of other hacks out there that will prevent comment spam.

The least annoying one I have found is from Elliot Back:
http://elliottback.com/wp/archives/2004/11/29/spam-stopgap-extreme/

Even if these spamers were to find your site through Pingomatic or other weblog aggregators", this feature basically renders the spam attempt as null nad void.. At least for now.

And for those who are using the MT Blacklist and wish to continue to use it:
http://sm.farook.org/files/WPBlacklist122.zip

mind you that install instructions are enclosed in that zip while at last glance the Eliot Black system did not include instructions / a readme