Soon after I launched this blog, I started to receive heavy amount of spam comments, mostly from some Russian sites. It’s not only that I can’t read their comments in Russian, but some of their comments are extremely long. I think this overloads the database even though its impact may be minor.
Luckily, there are many plug-ins to fight spams for your WordPress blogs. Here are a couple of popular and effective solutions.
1. Akismet is a great anti-spam plug-in that comes installed by default. You just need to turn it on by clicking ‘Activate’.* With Akismet, you can set comment blacklist.** The beauty of this blacklist is that you don’t have to put the whole word or the whole IP address. It will block any comments that contain the partial words and partial IP address.
A lot of spams that I received from the Russian sites had different IP addresses almost every time because they hijacked the addresses. But their website domain or email address contains ‘.ru’. I just added ‘.ru’ to the blacklist and most of them were filtered.
* To activate Akismet, you will need to enter an API key that you can get from the WordPress website.
** To set up comment blacklist, click ‘Settings’ -> ‘Discussion’.
2. Consider adding CAPTCHA if you want spams even not to be submitted. That’s what I did because I got tired of deleted the spams. Even if they were nicely filtered by Akismet, once in a while I needed to delete them otherwise I would have had thousands of spam sitting there, taking my DB space, possibly affecting DB performance.
I installed this plug-in “cformsII” in order to add CAPTCHA. “cformsII” is a powerful plug-in that allows you to create your own forms. You can easily replace the default WordPress comment form with a fancy and secure one that you can generate using cformsII.
http://wordpress.org/extend/plugins/cforms/
Create a new comment form using cformsII. You can use the default form that is shown when you access to the setting page first time.* Change the name of form to what you will recognize easily, for example, ‘comment’ and add / remove fields and change display configurations if you want to.
* It will show the link ‘cformsII’ next to the ‘Comments’ of the top menu.
Then, replace the PHP function “comments_template()” to “insert_cform(’name_of_form’)” in any PHP scripts that have the comment form. The files are different depending on which theme you use, but the usual scripts are ’single.php’, ‘archive.php’, and ‘page.php’.
<?php comments_template(); ?>
->
<?php insert_cform(’comment’); ?>
By admin, January 17, 2009 @ 11:51 am
After I tried cformsII for a week, I noticed that spam comments were submitted significantly less, but unfortunately, I also noticed the comments were not saved in database. They were delivered via emails only. Even though I found out later there was a configuration that I could change to store submission data in DB, this was not enough for me. I wanted to display the most recent comments on the side menu.
I could have customized the codes to show comments from the cformsII tables, but I wasn’t sure if I wanted to go that far. I ended up restoring the default WordPress comment form. As expected, within 30 minutes, I started to receive Russian spam comments again. Eventually, I found this plug-in, reCAPTCHA that adds CAPTCHA to the default comment form.
http://wordpress.org/extend/plugins/wp-recaptcha/
I sometimes find it difficult to read their letter combination from the image that reCAPTCHA generates. The readability of the reCAPTCHA words could prevent users from leaving comments, but I believe it’s worthy because I won’t have to spend much of my time to clean up spam comments and to fix possible server performance issues.
By Alex Kaye, July 16, 2009 @ 9:24 am
Thanks very much for this article. I was having exactly the same problems…so many bloody Russian spam bots out there. Installed recaptcha on my blog. Hopefully it will take a nice load off.
By admin, July 17, 2009 @ 4:35 pm
Thanks for visiting! I hope it works for you! I still receive some spam comments, but it’s significantly less.