Helpful Plugins for Protecting Your WordPress Site or Blog from Spam
9 minutes | Word Count: 1647Depending on the amount of traffic and number of comments you receive on an average day, battling spam on your WordPress site or blog can be either ‘slightly inconvenient’ or ‘straight up warfare against crazy bots’. If you receive low traffic (and consequently less comments) you can easily handle spam by calibrating your Discussion settings.
If you get heavy traffic you will need an anti-spam plugin. You can simply install them and configure them and if you are not technical enough, you should just Outsource WordPress Development to any WordPress expert.
Before we get to the list of our favorite WordPress spam prevention aides, you should learn what features make for a good anti-spam plugin.
Client Side Actions
Keep them as few as possible and no-one needs to get hurt. Ideally, your users shouldn’t have to perform any actions other than typing and posting their comments. Every time a plugin asks your users to tick a box or type something from a barely-legible Captcha image, a kitten dies somewhere and your users feel unappreciated.
Database Impact
The algorithm of a good anti-spam plugin will prevent any spam comments from squeezing their way into your WordPress database. This significantly improves performance as server load decreases due to fewer SQL transactions. There’s a catch, though. If the algorithm gets messed up, genuine comments can be lost forever too.
New User Registration
…Can be easily automated by bots. And once they register, they can post as many comments as they please without getting filtered, thanks to default Discussion settings on WordPress. You can either change the settings or use a plugin which blocks spam from new users.
Trackbacks
There are plugins which can check to see if IP addresses of trackback sender and server (referred to in the trackback URL) match. Almost 99% of spam trackbacks can be revealed this way.
Stats
Good anti-spam plugins aren’t afraid to show their report-cards. Weekly or monthly statistics of detected spam will help admins to keep a track and analyze data.
Now that you have a working knowledge of what makes a good anti-spam plugin, you can select from a list of our favorites, which are:
1. Akismet
Used by millions, Akismet is hands-down THE number one anti-spam plugin. Brought to you by the geniuses at Automattic (who also gave us VaultPress backup service), this plugin gives you industrial-grade spam protection. You can install and activate the plugin with an API key (requires signup). It’s simple and effective to the extreme.
Akismet works by uploading the incoming comments on the plugin’s server, where the comments undergo rigorous inspection by a bucket load of anti-spam algorithms. Comments that pass are published to your site, and the rest are dumped unceremoniously in the spam queue. You can check every comment’s history to see if they were spammed manually (by a moderator) or automatically (by the plugin).
This plugin works well with Jetpack and Contact Form 7.
Akismet offers up to 50,000 free spam checks a month for non-profit and personal use websites and blogs. The commercial websites can get licenses starting at $5/month.
2. WP-SpamShield Anti-Spam
You won’t have to look far and wide for this exceptionally agile anti-spam plugin. WP-SpamShield Anti-Spam is listed right up there in WordPress Plugin Directory.
This plugin can handle: comment spam, registration spam, contact form spam, trackback validation (and spam). It uses comment logging and blacklisting to block incessant spammers and protects your database from spam.
It does NOT use Captcha or challenge questions. It blocks proxy server visitors. It supports almost every kind of WordPress and WordPress registration Form in existence. It has not only one, but two layers of protection. The JavaScript/Cookies layer blocks spam bots, while the algorithm layer eliminates trackback and human spam. And it is free!
We hail Scott Allen (Owner-dude of Red Sand Marketing): the guy who brought you WP-SpamShield!
3. CleanTalk
A premium cloud-based plugin for WordPress spam prevention, CleanTalk blocks comment spam, trackback spam, and spambot signups. The comments are uploaded on CleanTalk’s cloud server. Once there, they must pass through the stringent algorithms and validation checks (including submission time, JavaScript disabled, blacklisted users and HTTP links, and more) and come out clean. The losers are sent to sit in the corner marked ‘spam queue’ (probably with ‘dunce’ cap).
You can get a 2-week trial for free. The plugin’s commercial license is also pretty cheap at $8/year for every website.
CleanTalk has some comprehensive statistics features which show comment log (reason for blocking) and moderation history. It’s also compatible with most comment form plugins and e-commerce plugins.
It’s pretty neat.
4. Growmap Anti Spambot Plugin (GASP)
“Take control of your blog comments again” –GASP page in WordPress Plugin Directory.
Growmap Anti Spambot Plugin doesn’t beat around the bush and hates spam bots with a burning intensity. All it does is add a client side generated checkbox to your comment form which simply asks the users “Excuse me, sir/madam, are you a spambot?” in a simpering, British accent.
Okay that’s not true.
Well the first part is. It asks your users to confirm that they’re not bots by checking a box. The box is generated through client-side JavaScript, so bots can’t see it. It would be laughable if it weren’t so efficient.
GASP is simple, lightweight, and perfectly effective against automated spam bots. It’s also free of cost.
5. Anti-Spam Bee
1 million+ downloads and WP’s Mullenweg himself swear by this plugin. Anti-Spam Bee does whatever an anti-spam plugin can and you don’t need to register to see it in action. It’s available to all personal AND commercial websites for free.
This nifty little plugin will block comments from IP addresses which aren’t validated. It keeps your database clean by purging it of spam (deleting spam after some time). It shows you monthly statistics on the dashboard. It gives you the option to select your own spam indicators. It doesn’t use Captcha. It’s also ad-free and complies with European data privacy standards.
What more could you ask for?
6. WordPress Zero Spam
WordPress Zero Spam is built on the simple concept of blocking users from commenting if they have JavaScript disabled.
This plugin uses server and client side JavaScript key validation, so bots are immediately blocked from spamming. It doesn’t require any external services (see: Akismet and CleanTalk, which upload comments on their servers to check them). It works well with caching plugins (unlike WP-SpamShield) and doesn’t hassle your users into providing proof that they’re humans.
It’s available to everyone for free and supports Contact Form 7, Ninja Forms, Gravity Forms, and BuddyPress, but is not compatible with Jetpack. Like GASP it’s also largely ineffective against human spammers.
7. GoodBye Captcha
Another freebie from the Plugin Directory, GoodBye Captcha blocks spambot registration, spam comments, and brute force attacks. And as the name suggests, it won’t ever ask your users to prove their human-ness with captchas (or with anything else really).
This plugin works on eliminating spam (and spammers) before they ever take root on your site, with the end result of spam-free site and no effect on loading times. You can use it to check for spam (and bots) on comment and registration forms and password reset pages too. It also blocks spammy IPs. Like WordPress Zero Spam, it’s self contained and doesn’t use external servers.
GoodBye Captcha can work with Jetpack, PlanSo, and MailChimp forms. It will also extend spam protection to WP User Control and Login with Ajax forms.
8. Spam Destroyer
“Be gone evil demon spam!” – Spam Destroyer on WP Plugin Directory
You can always tell when a plugin does Exactly-what-it-says-on-the-Tin. Spam Destroyer is one such plugin. It destroys spam, and it’s quite good at it.
It’s small, lightweight, and efficient against all manners of automated spam. So robots and spiders have little-to-no chance of contaminating your site. It’s also “intended to be effortless to use”, which it manages to accomplish flawlessly.
It doesn’t use any ‘human-detection’ methods, so crazy people can still leave spam. For everything else, this freebie is perfect.
9. Stop Spam Comments
”Simple, lightweight, and invisible by design,” Stop Spam Comments does not disappoint against automated spambots. It’s a simple JavaScript-based spam-blocker. It won’t ask your users dumb questions or use captchas; they won’t even realize it’s there.
Unlike GoodBye Captcha, this plugin can let you leave all blocked comments in WP backend spam queue. Since they are in your site’s database, lots of spam will hamper performance. Just make sure you select the right Discussion settings.
Apart from that, this free plugin is cool.
10. Stop Spammers Spam Prevention
This plugin blocks and eliminates comment, registration, trackback, and contact form spam. It’s quite nimble and effective.
Stop Spammers Spam Prevention uses more than 20 spam-check algorithms and can block spam from over 100 countries across the world. Once a comment/sign-up/login attempt raises a red-flag, the plugin will give them a second chance through a ‘request denied’ page. Once there, the plugin will use captchas to ensure it’s not a bot.
The plugin allows you to configure it to your specifications (with “more than 12 pages of options”) and works well with other contact, comment and registration form plugins. The plugin and further add-ons are available free of cost.
Conclusion
There you go. These plugins should help keep your site spam-free. A lot of plugins on this list are free, and most low-traffic sites can probably work with them. They can also try tweaking your Discussion settings to make their stand against spam even stronger.
For sites which receive 1,000+ comments on an average day, it’ll take nothing less than a strong anti-spam plugin to keep your site spam-free.
That’s a price we would gladly pay.