HTMLcut blog

About PSD to HTML Conversion and More

WordPress Spam Protection for Beginners

WordPress Spam Protection for BeginnersThe design has been created, the respective PSD has been converted into HTML/CSS code of the WordPress based website, and your hosting company has installed it on their servers. Now you can share your thoughts and information about you or your company with the world. Everything is great and exciting, excepting one thing – spam in comments. How to administer it?

Why Spammers Like WordPress-Powered Websites

The first reason is WordPress’ ubiquity: today WordPress is the most popular content management system (CMS) on the Internet. WordPress is used by about 16% of all the sites. It holds almost 54% of the CMS market, which is more than 5 times greater than the share of the nearest CMS competitor.

Secondly, WordPress code and structure are well-known: it is a thoroughly documented open-source project, there are a lot of good tutorials and guides. Thirdly, some of WordPress peculiarities make it quite simple to automate placing spammy comments.

As a result, WordPress based websites are an attractive target for spammers. Inexpensive spam-sending software makes the problem even worse.

To be exact, WordPress adds the attribute rel="nofollow" to each link in comments and in this way decreases their value for search engines. But this doesn’t stop spammers: if they gain a lot of such links, it might still help to rank better in Google.

How to Disable Comments

The first anti-spam recipe is simple and categorical: turn off comments. Just log in as an admin and find the menu item Settings > Discussion in the WordPress dashboard:

The dashboard item Discussion

At the top of the Discussion Settings page you can see an option that allows you to stop posting comments on new articles:

How to stop posting comments on new articles

How to Monitor Comments

Truth be told, I agree with Wikipedia that blocking comments is not the best way, especially for blogs:

“Although not a must, most good quality blogs are interactive, allowing visitors to leave comments and even message each other via GUI widgets on the blogs and it is this interactivity that distinguishes them from other static websites.”

Moreover, when a blog post has new comments it is a good sign for visitors and Google that the post may be worth reading and ranking higher.

So if you decide not to switch off commenting but don’t want to turn your website into a trash dump, you have to administer your website comments:

Discussion Settings: Monitor comments option

Usually spam comments are not difficult to recognize. Often they are abstract and tell about high quality of your post and/or its topic and at the same time say absolutely nothing about concrete details. Also, spammers like phrases about how happy they are to find your post (after so long search on the Internet!), that friends / brothers / nephews / etc. have attracted their attention to your post, and now they follow your site and would visit it many times in the future. Or they ask you where the RSS button is placed while it is one of the most visible icon on your website. And so on, and so forth.

How to Ban Specific IP’s, URL’s or Words

WordPress provides a very effective tool to strike back: Comment Blacklist. With its help you can ban importunate spammers by their IP, URL, e-mail, name or keywords:

Comment Blacklist

For example, our blog is about PSD to HTML conversion and web design. Therefore, our blacklist includes such words as "dating, loan, xanax, uggs" and many other keywords which have absolutely nothing in common with PSD to HTML coding. The comment blacklist is the best place for IP’s which are the most spammy. In our case among them are addresses which begin with 173.163.11 (,, etc.), 173.208, 178.238 and some others. An effective way to fight against annoying spammers may be to ban their domains or e-mails.

Please note: this option will match inside words and, for example, “press” will match “WordPress” too, so don’t be overzealous!

How to Turn Off Comments for Individual Posts

From time to time you may find out that some of your old posts become too “popular” among spammers. To get rid of their attacks you can turn off comments for specific articles. To that end you should go to the Edit page for such a post and switch on showing on screen the section Discussion:

How to turn off comments for individual posts - Step 1


How to turn off comments for individual posts - Step 2

and then disallow comments for this post:

How to turn off comments for individual posts - Step 3

After this operation new comments will be automatically marked as spam.

Other Anti-Spam Tools

The method described above is the simplest way to administer spammy comments. It may be quite sufficient, at least as a first approximation. However, there are also other means to fight spammers such as special WordPress plugins, as well as server-side settings and coding.

For example, Akismet anti-spam plugin checks comments whether they look like spam and lets you review results in the admin dashboard. This plugin transmits new comments to the Akismet cloud web servers, where they are run through hundreds of tests. In this way Akismet decreases time that is spent on sorting through and deleting spam in comments. Note: Akismet is free for personal blogs, but if you have a business site or promote products or services, you should use paid subscriptions.

Can You Stop Spam Completely?

There is no approach or tool which is able to completely eliminate spam. Therefore, if you allow commenting, be ready to spend some time on comment moderation. Nevertheless, using proper settings and improving the comment blacklist on a regular basis, you may decrease that time to the quite acceptable level. On the other hand, just remember that you can disallow comments at any time.


Not all spammers are ill-intentioned, some of them are ordinary small business owners who just believe that spam can help them to reach top positions in Google. So, one more tip: take it easy and in a creative manner. For example, like Linzie Hunter for whom the subject line of spam e-mails is a source of inspiration in creating a series of typographic lettering:

Typographic lettering by Linzie Hunter

Image: Courtesy of Linzie Hunter

About the Author
Sean Brown is the editor of HTMLcut blog. Starting as a software developer (FORTRAN, Lisp, C, C++, HTML / CSS / JS), now he is wearing the hat of marketing and copywriting manager.


Comments (5)

  1. Pingback: WordPress Spam Protection for Beginners | Design News

  2. Thanks for sharing.

    Logo Design Services

  3. I’m happy to read your blog


  4. Great site! Thanks so much for sharing it. Keep up the awesome work. Finally. I hope you don’t mind if I use some of your content for a college term paper I’m working on.


  5. Hi, that’s a great read. It always superb when anyone takes some time to inform, as you have.