7 Tips To Stop *Comment Spam* in WordPress!

WordPress is an awesome platform for bloggers. It works great in channelizing their creative abilities, and offers a great number of features to help them earn a larger legion of fan base. But, despite all the goodies this incredible CMS has to offer, WordPress isn’t free of flaws though. And one of the most common issues that WordPress users often grapple with is the frequent security loophole it has, especially in the form of comment spam.


Dealing with spam comments is crucial to ensure the credibility and safety of your website. Over the years, WordPress folks have learned several ways to prevent spam, thus strengthening the functioning of their site. In this write up, I’ll introduce you with some basic tips and tricks you can implement to make sure spammers won’t be able to submit spam to your website. The strategies mentioned are easy to follow and will definitely help you to augment the performance of your site.

1. Moderate WordPress Comment

There is an in-built feature in WordPress to fight comment spam. Just go to WordPress dashboard and then “Discussion Panel”. In this page, you can see a section, which reads, “Before a comment appears”. Use this section to decide upon which comments should be sent for moderation and which can be published automatically. The section provides you with two options. The first one which reads, “the comment must be manually approved”, will allow every single comment made on the blog to be sent through moderation, and can only appear below the post once it is approved. If you, however, select the second option, which reads, “Comment author must have a previously approved comment”, will allow you to publish comments only of those authors who have had one of their comments approved previously.

Most of the website owners find the second option more useful. Because since the credibility has been established already, the site user feels more confident about submitting the comments of those who have got their comment published in the past as well.

2. Blocking The IP Address of Spammers

WordPress provides you a facility to block the IP addresses of spammers who continuously add bulk of spam comments to your website. For this you can make use of .htaccess file., which resides in the root directory of your website File System. The steps of blocking IP address are mentioned below.

  • Go to File System via FTP client
  • Start downloading .htaccess file from the root directory
  • Create a backup of the file before making any changes
  • Open the file in the notepad and start adding the following lines.
123Order allow,denyDeny from (change this number with the IP address you wish to block)Allow from all

Save the changes and upload the file to the root directory.

It’s done!

3. Blacklist The Offenders

This is extremely important to make sure spammers won’t be able to submit spam comment on your website. The comment blacklist is the feature, which you can use for this. The feature will allow you to block the IP addresses, email, name or content of spammers who constantly attack your website with comment spam.

4. Close Comments on Older Posts

Leaving the comment section open for old posts isn’t a good practice and demands much maintenance, as you have to keep things more organized here. Spammers often target old articles, but WordPress gives you a facility to disable comments on old articles.

To close these comments, simply go to Settings -> Discussion -> Other Comments Settings, and look for the box, which reads, “Automatically close comments older articles”. Here, enter the number of days you want to enable the comment section of an article. Normally, filling 14 days seem to be an ideal option.

5. Hold Links

Most of the time spammers include a number of hyperlinks in their comments. But, you can set up WordPress to hold comments, which contain a certain number of links with the help of “Content Moderation” section. The comments from different sources won’t include spam if there are no URLs added to them. Simply enable this setting by limiting the number to “1”. This will allow WordPress to send comments for the process of moderation if they contain multiple links.

6. Modify .htaccess File

.htaccess file can be very helpful to manage your comment section efficiently. Just add the following line in the file to reduce spam comments.

1234567891011121314151617# Protect from spam bots <IfModule mod_rewrite.c> RewriteEngine On RewriteCond %{REQUEST_METHOD} POST RewriteCond %{REQUEST_URI} .wp-comments-post\.php* RewriteCond %{HTTP_REFERER} !.yourwebsite.com.* [OR] RewriteCond %{HTTP_USER_AGENT} ^$ RewriteRule (.*) ^http://%{REMOTE_ADDR}/$ [R=301,L] </IfModule>

You can replace “yourwebsite.com” with the URL of your website.

7. Use Anti-spam Plugins

There are also some handfuls of plugins, which can surely help you to combat comment spam. They are described as follow:

  • Akismet – This is a well-known WP plugin which comes by default with installation. It’s an automated spam service that filters comment spam into your root folder.
  • Quiz – Quiz is a reliable plugin that poses certain questions that comments submitters are required to answer.
  • Growmap Anti Spambot Plugin – The plugin comes with a customer side produced checkbox to your comment structure and asks the submitters to make sure they aren’t spammer.


Last, but not the least, you can let your viewers know what is acceptable and what is not on your website. Having a comprehensive comment policy will definitely come handy to create an anti spam functionality on your website.