Stopping WordPress Comment Spam

This is post is art directed, so you may wish to hop out your RSS reader.

I recently set up a blog for my band, Ellipsis. Just using a simple theme which I customised a little so it worked better as a band website. There’s also a load of fancy CSS3 goodness, naturally.

If you can’t see anything art directed, make your browser bigger!

I ran into a problem, though. The blog was getting a ton and a half of comment spam. All of it was being blocked by Akismet, which is great, but that wasn’t stopping it getting there in the first place.

This is where we roll out the super-duper-ways-of-stopping-comment-spam.

There are a number of little tricks I’ve got implemented on WPShout, largely using the .htaccess file.

What’s .htaccess? Excellent question! It’s a little file you’ll find in the root of your WordPress install and lets you do all sorts security and speed tricks. For further reading, I’d recommend Jeff Starr’s excellent Perishable Press.

Trick 1: Only Let Actual People Comment

Captchas! Make would-be commenters do sums! All good and well, but also a pain.

We can use the .htaccess file to block comments which haven’t actually come from your blog. These are going to spammy types. Add the following lines, adding your blog’s name:

RewriteEngine On
RewriteCond %{REQUEST_URI} .wp-comments-post\.php*
RewriteCond %{HTTP_REFERER} !.** [OR]
RewriteCond %{HTTP_USER_AGENT} ^$
RewriteRule (.*) ^http://%{REMOTE_ADDR}/$ [R=301,L]

Trick 2: Stop Spammers Getting Near

If you want to see how this post was made, have a read of Art Direction for WordPress.

Once again I can’t recommend Perishable Press enough. Jeff has a blacklist which he keeps regularly updated. Implement the Perishable Blacklist and all sorts of bad things will be halted from getting anywhere near your blog.

Trick 3: Close Comments After 60 Days

Spammers will tend to target your most popular posts and they’ll only know if a post is popular after it’s been online for a while. Meaningful discussion also generally happens only soon after a post is published.

WordPress offers you the option to close comments a certain number of days after a post is published, as seen on DigWP.

Close off your comments after 60 days and you’ll have had your meaningful discussion and spammers can’t then spam all over the place. It’s like having a cake and eating it!

Under Settings, Discussion, you’ve got the option to “Automatically close comments on articles older than 14 days”. Change the number of days to 60 to allow some discussion to take place and tick the box. Save, and you’re done!

That’ll do, lad.

That’s more or less all there is to it, surprisingly. Any one of the three of these tricks will stop your comment spam, but all three combined should eliminate most spam from your lovingly created

PS. If you wouldn’t mind having a look at my band and/or subscribing on YouTube, that’d be lovely.

Background image from Smashing Magazine.

11 Responses


  • Great suggestions here, very much appreciated! I’m a first time visitor to your site and I just wanted to say I love the layout and design. I wanted to ask, if you don’t mind, if you could let me know where you found the cool ‘cracked’ social icons that show at the end of your post? Much thanks.

    (P.S. – I added you on Twitter, looking forward to some more cool posts =D).

  • Moazam says:

    Nice article, wondering if you care to add facebook like button on your website 🙂

  • Joffrey says:

    Unfortunately it won’t stop comments where people use their website’s name or keywords instead of their real name.

  • Edson says:

    Ok, trick 1 is cool! But couldn’t be better to use a captcha? There’s a lot of WP Captcha plugins out there.

  • Brigette Anne Murray says:

    Spammers who just like to input senseless comments along with their anchor links are some of the most annoying things on a blog. While you are doing all you can to give out as much information possible or do a favor by opening a discussion, these spammers just ruin the blog like a virus. Automatically closing a thread is a double-edged sword though. Reviving an old thread is a big NO in forums, but in blogs, some new readers who have interesting things to say won’t be able to share their opinions if the blogs are closed. Remember, not everyone is seeing your blog…what with all the billions of pages on the web today. I myself am a bit disappointed when I have something to say, only to find out that the blog is already closed =(.