Stopping WordPress Comment Spam

This is post is art directed, so you may wish to hop out your RSS reader.

I recently set up a blog for my band, Ellipsis. Just using a simple theme which I customised a little so it worked better as a band website. There’s also a load of fancy CSS3 goodness, naturally.

If you can’t see anything art directed, make your browser bigger!

I ran into a problem, though. The blog was getting a ton and a half of comment spam. All of it was being blocked by Akismet, which is great, but that wasn’t stopping it getting there in the first place.

This is where we roll out the super-duper-ways-of-stopping-comment-spam.

There are a number of little tricks I’ve got implemented on WPShout, largely using the .htaccess file.

What’s .htaccess? Excellent question! It’s a little file you’ll find in the root of your WordPress install and lets you do all sorts security and speed tricks. For further reading, I’d recommend Jeff Starr’s excellent Perishable Press.

Trick 1: Only Let Actual People Comment

Captchas! Make would-be commenters do sums! All good and well, but also a pain.

We can use the .htaccess file to block comments which haven’t actually come from your blog. These are going to spammy types. Add the following lines, adding your blog’s name:

RewriteEngine On
RewriteCond %{REQUEST_URI} .wp-comments-post\.php*
RewriteCond %{HTTP_REFERER} !.** [OR]
RewriteCond %{HTTP_USER_AGENT} ^$
RewriteRule (.*) ^http://%{REMOTE_ADDR}/$ [R=301,L]

Trick 2: Stop Spammers Getting Near

If you want to see how this post was made, have a read of Art Direction for WordPress.

Once again I can’t recommend Perishable Press enough. Jeff has a blacklist which he keeps regularly updated. Implement the Perishable Blacklist and all sorts of bad things will be halted from getting anywhere near your blog.

Trick 3: Close Comments After 60 Days

Spammers will tend to target your most popular posts and they’ll only know if a post is popular after it’s been online for a while. Meaningful discussion also generally happens only soon after a post is published.

WordPress offers you the option to close comments a certain number of days after a post is published, as seen on DigWP.

Close off your comments after 60 days and you’ll have had your meaningful discussion and spammers can’t then spam all over the place. It’s like having a cake and eating it!

Under Settings, Discussion, you’ve got the option to “Automatically close comments on articles older than 14 days”. Change the number of days to 60 to allow some discussion to take place and tick the box. Save, and you’re done!

That’ll do, lad.

That’s more or less all there is to it, surprisingly. Any one of the three of these tricks will stop your comment spam, but all three combined should eliminate most spam from your lovingly created

PS. If you wouldn’t mind having a look at my band and/or subscribing on YouTube, that’d be lovely.

Background image from Smashing Magazine.