How to Deal With WordPress Spam

Spam comments have always been a big problem with WordPress. A busy blog frequently sees well over a hundred spam comments each day. If you have a WordPress blog, here is how we recommend that you deal with the issue.

In the early days of WordPress, the primary method for dealing with spam was to review each comment and determine if it should be approved or deleted. For a popular blog, this took up most of the time the blog owner would otherwise use to write new posts. A plugin called Akismet saved the day and dramatically reduced the amount of spam comments that have to be reviewed. Akismet comes with every version of WordPress, so you do not have to hunt for it. If you accept comments on your blog posts, we strongly recommend that you install it, activate it, and use it.

Akismet does a great job of eliminating probably 95% to 99% of the typical spam comments, but spammers are getting more creative and are using methods that sometimes slip by Akismet. We notice that a lot of blogs are accepting obvious spam comments, perhaps because they do not recognize them for what they are.

Why do people leave spam comments? The primary reason is for link juice, which means they want a link to their web site. A growing number of SEO companies in India are also engaged in adding comments to blogs to provide links to clients’ web sites. From a search engine’s perspective, a link to a site is a popularity vote that passes a value commonly referred to as link juice. Multiple links to a site, also called backlinks, can dramatically affect a site’s rankings in Google, Yahoo and Bing. Backlinks play a strong role in search engine ranking algorithms. A secondary reason is simply to pick up some additional traffic to their sites from blog users that click on the links.

WordPress tires to combat comment spam by automatically adding a rel=”nofollow” attribute to all links found in comments. Al the major search engines recognize this attribute and essentially ignore any link that contains the nofollow attribute. This attribute negates the value of the link and no link juice is passes to the receiving site.

Nonetheless, almost all spam will contain one or more links to other web sites, either in the user’s website field or in the comment itself. Links are what drive comment spam.

Here are some different types of spam and how we identify them.

• Obvious Spam – Contains links to porn and other types of unrelated web sites. The comments are sometimes filled with 25 or more links to other sites. Any content unrelated to post. Akismet catches almost every one of these.
• Complimentary Spam – This a fairly new trend. Complimentary spam will praise your posts, your writing skills or ask questions about your theme. The comments themselves are very generic and are unrelated to the topic of the post. If you do a search in Google using the text of the comment, you will frequently see thousands of blog posts where these comments have slipped through and are have been posted. Some blog owners mistakenly believe that more comments are good for their blog and approve almost everything, but that can sometimes lead to problems with search engines when too much of the content is unrelated to the topic.
• Stealth Spam – Stealth spammers leave numerous comments throughout a blog. The comments are typically Complimentary Spam or contain generic comments. Stealth Spammers are usually easily identified because you will see multiple comments in the WordPress admin area using the same e-mail address, the same IP address or the same user website link.
• Marketing Spam – These spammers look for blog posts related to the products or services that they offer. If you have a site that talks about jewelry, you may see a comment that is a blatant ad for another site, or it may be a comment like, “I found some great quality diamonds at bargain prices at (link to site)” The domain on their e-mail address is frequently the same as the web site that they are recommending, which reveals their motives.
• Intelligent Spam – The comments are related to the topic and indicates that the spammer may have read the post. However, the comments are usually brief and frequently reveal a lack of knowledge regarding the topic for which they are voicing an opinion.

It is up to every blog owner to determine whether or not to approve spam comments. If they are related to the topic and contain harmless links, you might want to make it your policy to approve them, even if they might be spam. However, once you determine that a comment is spam that was not detected by Akismet, do not delete it because it is better to report it as spam to Akismet.

Under each comment in the WordPress Comment administration area you will find a series of links. To report spam to Akismet, click on the Spam link. Details regarding the comment are sent to Akismet, which then records in in their database. When enough similar WordPress spam comments are reported by a number of blogs, Akismet will begin to filter out that type of spam.

Here is best advice we can offer regarding how to deal with WordPress comment spam.

1. Never allow comments to be posted immediately. Always configure comments to be approved by an Administrator. You will find these setting in the WordPress administration area in Settings > Discussion. Make sure that in section entitled ” Before a comment appears” the item “An administrator must approve” is checked.
2. Whenever you approve a comment, test every link to make sure that it leads to an appropriate site. We sometimes find links leading to sites loaded with malware or domains that redirect to porn sites. We recently found one that looked like a Christian domain name, but was redirected to a porn site.
3. Treat spam for what it is and report it to Akismet. If you are not sure if the comment is spam, but do not want the comment to show with your post, then simply delete it. But if it is spam, report it and that may be one less type of spam to deal with in the future.