Spam has overtaken the world, one form, one registration one email at a time. In reality, spam is actually losing the war against those who appose it, but their gorilla efforts still continue. The key is to understand what tools are at your disposal to eliminate spam from your WordPress blog.
If you are anything like me, you despise spam or anything that remotely resembles spam. In my effort to remove it, I will go to great lengths to report a spam email, website or comment on my blogs. As a hosting provider Net Solutions and ProFusion Products also go to great lengths to ensure our clients email is relatively undisturbed by email spam.
That being said, some spam still gets through, and one place I notice a lot of consumers complaining about spam is from their WordPress blog. Most of these claims are due to a lake of education on what can be done to avoid spam on a blog. Once your blog is properly configured you can eliminate spam registrations and comments completely. However, this is done at a cost.
Before we can eliminate spam from your blog, let us first look at the source of spam, and then we can evaluate how to remove it.
- The primary source of spam is via comments to your blog posts. Spammers have built automated routines to scour the internet looking for the specific code related to a WordPress comment box. The spam routine then auto-submits a comment typically with a link back to the spam website. Ultimately spam bots go through this effort, to try and generate traffic or links to their parent website.
- The other source of spam submissions is during the registration process. Depending on how your blog is configured you may require visitors to register before they can comment on your blog, or before they can become a member. This form can also be discovered by Spam routines, and the spammer can then become a member of your blog.
Both of the above scenarios trigger an email to be sent to the blog administrator indicating a comment has been submitted or a user has registered. Often times the submission is composed of complete gibberish, making the administrator leery that something has gone wrong with the application. In reality, nothing is wrong, the spam routine simply enters gibberish in an effort to see if the submission process works. Often once they know it works, they will return with a second spam bot to complete the process more professionally with more detailed information.
Now that we understand how spam is caused on a WordPress blog, let us look at what the built in options are for eliminating spam.
- From the admin panel of your blog, if you go to Settings and then General, you will see a list of options. One of the options is “Membership” with a check box for “Anyone Can Register” by checking this box you allow spam bots and regular users to register on your website.
- From the admin panel of your blog, if you go to Settings and then Discussion, you will find numerous options that control the hoops people need to jump through to comment on your blog. If you want to lock down the site so no one can comment simply uncheck the box for “Allow people to post comments on new articles”
- Another option in that same section of the admin panel, is a combination of the two items above. The first option would be to not allow anyone to register, and then in the second screen select “Users must be registered and logged in to comment” This way you can control who can add comments. Now, if you have someone you want to allow to add comments, simply login to the admin panel and add them as a user. This allows you specific control over who can comment on your blog.
- There are numerous other variations that you can control from the settings > discussion admin section of your blog. Try using them to see if you can configure your blog to meet your website visitors needs while reducing the volume of spam.
Now the important piece to understand when making the adjustments above, is the configurations that eliminate spam also eliminate the ability for your average website visitor to make a comment. So if you want visitors to your website to be able to add comments, then you need to be aware that spam submissions will also come along as an unintended consequence. If you do not want visitors to comment, then you may as well lock it down so that spam bots cannot complete the forms either.
Another option that is available, for the more advanced user of WordPress is to look into third party tools that allow you to add CAPTCHA code to your website. CAPTCHA may mean something to you when you think about that funky security code you have to complete when submitting for something online.
You can see an example CAPTCHA code in the image to the right.
CAPTCHA is great, because spam bots typically cannot complete it, while your average website visitor can complete the CAPTCHA code. That being said, not everyone is average, nor is CAPTCHA code created equal. Some people simply find CAPTCHA too difficult and quit as soon as they see it, others try to complete it but fail a couple times and then quit. So adding CAPTCHA can lead to a decrease in user comments and registrations.
If you are interested in adding CAPTCHA code to your blog, you need to find a 3rd party plug-in for WordPress or build your own. Keep in mind that each of these plug-ins are developed by a 3rd party, and not supported by WordPress, Net Solutions or ProFusion Products. If you elect to add this code to your site, you are responsible for the outcome, and any support would be provided by the inventor of the 3rd party code.
Two very popular CAPTCHA code options are listed here, with links to the download page where you can acquire the software. If you need help installing the code, or configuring the options please contact your system administrator or website hosting company.
- SI CAPTCHA Anti-Spam – This is what we use on the Snoitulous Ten blog
- Simple CAPTCHA This one is also popular on the internet
Best of luck to you in your effort to eliminate spam!