Comment Spam: Where it comes from and the best defense to protect your WordPress site.
If you have a blog and have comments turned on, no doubt you are in the battle against comment spam. It may be long text with lots of links in a foreign language with a few smiley faces thrown in or it may be just “Nice post.” I consider comment spam anything that doesn’t indicate to me that the commenter read the post and adds to the conversation.
Yes, I realize that commenting on blogs is a traffic generating strategy, but hey, at least give me a hint that you actually read the post!
There are two sources of comments spam – bots and humans.
Bot spam is generated from scripts with the sole purpose of distributing millions of comments because it doesn't cost them any more to send a million than to send one. Typically they hit your comment WordPress file directly and don't visit the blog pages. And if just a tiny fraction of them stick, they are happy.
Human spam is another story. Many times it is generated by people in third-world countries being paid a pittance for cranking them out as fast as they can. Some people call them “mechanical turks” maybe as a takeoff on Amazon's outsourcing service.
These people want to spend as little time as possible on your page so they use techniques like copy and paste or even desktop applications that partially automate the process.
Then of course there are the misguided commenters who are trying to get a link back to their own site by leaving cryptic or nonsensical statements.
So what do you do about comment spam?
Blocking and tackling – to use a football analogy. You can block the perpetrators from even accessing your site or you can tackle them once they get there.
You can identify and then block IP addresses from accessing your site either in the WordPress dashboard or in your .htaccess file. You can also block scripts from accessing your comments file directly. These techniques can have unintended consequences, so test if you go this route.
You can use spam plugins to tackle them once they get there so that the comments are whisked away into the spam bucket for you to wade through.
The technique I currently recommend is either Akismet or SpamShield.
Submitted by Christine Cobb, a WPSecurityLock contributor
Leave Your Feedback
So how do you battle comment spam? What did you think of Andy Bailey's interview? Leave your comment below.