How to stop Comment Spam

Over the years I have used many different Plug-in’s and methods to reduce Comment Spam on my websites.

Those Plug-in’s included the default WordPress Plug-in AkismetinfoInfoAkismet is a hosted web service that saves time by automatically detecting comment and trackback spam. It's hosted on their Servers, but they give you access to it through a plugin and an API. (at last count on my main website it has blocked 3,306 Spam Comments), WP-SpamFreeinfoInfoAn extremely powerful anti-spam Plug-in for WordPress that reduces comment spam, including trackback and pingback spam. It works invisibly without CAPTCHA’s, or other inconveniences to site visitors. The plugin includes spam-free contact form feature as well. (it’s blocked 4,725 Spam Comments), and along the way various other Security Plug-in’s and methods.

But none of them have been 100% effective.

Sure, they “reduced” the amount of Spam, but some Spam has always managed to get through.

Now obviously you need to set your WordPress Discussion Settings so that they must be approved by an Administrator first (see image below), but having to plough through the Spam Comments and manually delete them too, well that is an additional Admin overhead we can all do without.

WordPress Discussion settings

Discussion Settings

Comment Spam has been a real bug bear for me, and to be honest, a pretty big problem. But at last I’ve finally found a Plug-in that reduces Comment Spam to zero, zilch, nada!!! That’s right, it’s 100% effective in preventing Comment Spam.

Well, let me qualify that by saying that it’s 100% effective against automated Comment Spam.

Obviously, if a real human is determined and prepared to take the time to post a bogus comment and physically undertake the CAPTCHA test, then you won’t stop that.

The Plug-in in that I have discovered is Fun CAPTCHA.infoInfoFun Captcha presents a mini-game that blocks the bots while giving your users a few moments of fun. It’s a real security solution hardened by experts and automatically updated to provide the best protection. Users complete these little games faster than other CAPTCHAs, with no frustrating failures and no typing. Fun Captcha works on all browsers and mobile devices.

The trouble with most CAPTCHA systems is that they are quite difficult to read (see the image below), and visitors to your website hate using them, and the Spammers are getting smarter all the time and can circumvent them.

CAPTCHA Examples

CAPTCHA Examples

So what Fun CAPTCHA does is stop the BOT’s, and turns the CAPTCHA system into a mini-game.  The visitor wishing to post a comment is required to complete the game with a series of mouse clicks, rather than trying to decipher hard to read CAPTCHA Images, and it works on all Browsers and Mobile Devices.

The best thing is that Fun CAPTCHA is totally free, however you must create an account on their website to obtain some security codes first.

Below is a video that shows how the Fun CAPTCHA Plug-in works.

You can download the Plug-in from the WordPress Plug-in Directory.

Top 5 WordPress Plug-in’s for your Business Website

Top 5 WordPress Plug-in's

 

There are almost an infinite number of Plug-in’s available for a WordPress based website.

However, there are some that I believe are a must have regardless of what type of Website or Blog you have.

The following Plug-in’s are the top five that I believe are essential and you should have installed:

    • Change the urls (web address) for the WordPress dashboard including login, admin, and more.
    • Rename the “admin” account. For example you could rename it admin2013.
    • Change the WordPress database table prefix. The default is wp_.  The plug-in will change it to a random set of letters.
    • Change wp-content path. You could change this to anything, for example site-content.
    • Ban bots and other hosts.
    • Prevent brute force attacks by banning hosts and users with too many invalid login attempts.
    • Enforce strong passwords for all accounts from Subscriber’s to Admin’s.
    • Detect and block numerous attacks to your filesystem and database.
  • BackupBuddy – This plug-in has saved my bacon on more than one occasion.  Imagine you have spent 100’s of hours and dollars developing your website, and the unthinkable happens.  Your website is hacked and your website is compromised, or even worse, the Web Hosts’ Server is hacked and everything is lost.  Now wouldn’t it be nice to be able to restore your website from a backup almost immediately?  Well that is just one of the things you can do with BackupBuddy.  BackupBuddy is a “Paid For” plug-in, but it’s worth every cent.  With BackupBuddy, you can:
    • Back up your entire WordPress installation. Your Widgets, Themes, Plug-in’s, Files, Images, PDF’s and SQL database – the entire website!  Just like you would backup your laptop or desktop computer, you should be doing regular backups of your website. With BackupBuddy you can schedule backups and have them sent off-site to Dropbox, Amazon S3, Rackspace Cloud, an FTP server, or your email. Or you can download them straight to your computer.
    • Restore your WordPress site fast. The restore function in BackupBuddy is very simple. Upload a file called importbuddy.php and your backup file, and it restores WordPress including your Themes, Widgets, Plug in’s, and everything else. You don’t even need to re-install WordPress first!
    • Individual File Restoration – Did you make a whole lot of changes to your theme and then decide that you wanted everything back like it was?  Now you can identify files to restore individually, instead of having to go through a complete site restore!  Easily browse your backup .zip file contents right from the dashboard and decide which files to restore.
    • Move your WordPress site to another Web Host easily.  Not happy with your current Web Host?  No problem.  Simply make a backup of your website, sign up to a new Web Host, upload the backup file and importbuddy.php script and run it.
  • WordPress SEO – WordPress SEO would have to be the most complete WordPress SEO plugin around. It does everything including a Google Snippet Preview and Page Analysis that helps you optimise your page content, image titles, meta descriptions and more, as well as creating XML sitemaps, and a heap of optimisation options in between.
  • Broken Link Checker – Over time, a website will accumulate quite a number of links within pages, both internal links and external links.  These links will occasionally break when the website they point to cease to exist for any number of reasons.  You would only know if this was the case if you happened to check the links periodically, or you are notified by a vigilant visitor to your website.  Broken Link Checker will notify you via the WordPress Dashboard and via Email if it detects any broken links.
  • Imagify – One of the biggest mistakes I see when people manage their own websites (and sometimes by so called professionals), is the use of images that haven’t been optimised for web use. Imagify takes the hard work out of optimising images by doing it as you upload them. Of course you should still resize images to an appropriate pixel count first, but with this plug-in, images will be optimised on the fly. If you already have images on your website, there is also a bulk optimisation feature. The free version of the plug-in offers 25MB of data per month at no cost. After that, a fee is applicable, or you can wait until the next months anniversary and pick up a further 25MB Free.