Battling Comment Spam – Dealing With It

  • Sumo

Battling Comment SpamCombating Spam

In the previous post we looked at what blog comment spam is.  We defined three different types and looked at three different sources.  But now we want to know, “How do we fight back?”  Comments are a valuable part of blogging and the social web.  They are vital for building community.  But it takes time to moderate comments.  What ways can help us handle the load?


Some bloggers have given up the fight.  They shut comments off completely and the blog becomes a one-way rant rather than a conversation.  I find this very frustrating.   It cuts out an important part of the blog experience and doesn’t help the community.  There are no conversations, no backlinks, no accountability.  This is appropriate for a corporate information site, but not for a blog.

Laissez Faire

Others have given up the fight by going in the opposite direction.  They just auto approve everything.  They get lots of spammy comments (and I’m sure that the spammers share this information) and let them sit in amongst the true conversation — kind of like weeds in a garden.  This works well as long as you don’t mind the type of spam coming in.  Some of it is actually quite creative and even fits into your blog.

But what happens when you start seeing the pornography comments?  Or the “600 link” comments?  What happens when your visitors see them?

Middle Ground

Most of us have to live somewhere in the middle ground between these two extremes.  But how do we handle it without going crazy?  Well there are lots of techniques that are in use right now and you need to find a combination that works well for you.

I use mostly WordPress blogs, so this will lean more towards WP but most of these techniques should be available in other blog software.

Blog Settings

WordPress Dicsussion Settings (part 1)

WordPress Comment Settings

WordPress allows you to set up some basic comment moderation.  There are several settings:


  1. Require commenters sign up for your blog.  I know that always turns me away from commenting on someone’s blog — I don’t have time to register and remember another userid/password.  Check out Are You Chasing Your Blog Audience Away? for a well written post on this subject.  Bottom line, don’t do this unless you’re building a forum.
  2. All comments are put into the moderation queue.  This is the kind of work we’re trying to avoid, so lets see what else there is.
  3. Allow users who’ve already had approved comments on your blog to post without moderation.  This will cut down on the amount of work required if you have a lot of repeat commenters.  But keep in mind that spammers know this and will often put in 1 or 2 good comments to get past this and then start spamming.
  4. Allow all comments.  Believe it or not, this is the route that use on my blogs although I have some plugins that help identify spam.


WordPress Discussion Settings (Part 2)

WordPress Comment Filter Settings

There is also a section of comment filters that is applied to every incoming comment regardless of the settings described above.  This allow you to set up general filters that look for certain keywords or multiple links.

I’ve left these alone as the plugins that I use will do a better job of catching these types of spam comments.


WordPress Discussion Settings (Part 3)

WordPress Avatar Settings

Finally, there is the avatar.  If you’re not familiar with this concept, I’d suggest that you check out Gravatar, the de facto standard for avatar handling on the web at this point.  It allows users to have a profile picture that follows them around the web.  Set it up once and it is there for any site that allows them to be used.  This functionality is built into WordPress and most other CMS and blog systems.

The advantage to having Gravatar enabled on your site is that spammers rarely have one.  They are based on email addresses and spambots use throwaway addresses.  This will be a big help when moderating the comments that get into the queue (or even those that get through).  Keep in mind that the absence of a Gravatar is not a spam indicator by itself — many legitimate users don’t use them yet leave thoughtful and useful comments.


Now that we’ve done what we can do with WordPress out of the box, we can now start to tinker.  If you go to the Install Plugins page and enter the keyword spam you’ll be presented with a list of plugins that deal with spam related issues.  The current list shows 19 entries.  Some of them are older plugins that are no longer supported (or needed).  There is even one that let’s you turn off the colour coding for spam entries so they don’t clash with the admin theme colours.

But of the rest, there are 2 major classes of plugins — those that try to prevent or slow down spammers and those that try to determine which comments are spam after the fact.


These plugins use different techniques to ensure that the comment is coming from a live person rather than a spambot.  They’re usually pretty effective and use techniques such as Captcha’s or mathematical questions that are hard (but not impossible) for a spambot to crack.

They work pretty well at keeping out most of the spam, but they may also keep out a lot of legitimate comments.  I know that I hate them and I doubt that I’m alone.  They make for an extra step to leave a comment.  And no matter how politely they are presented, the implication is that you don’t trust me.  For this reason alone, I don’t plan on using this type of plugin to combat spam.


Detection is the other route.  These plugins will scan comments that come in, looking for various characteristics that indicate spam.  The best of them use databases to compare comments against.  Over time they become more accurate.  They will detect potential spam comments and either delete them or put them into the moderation queue for you to check.

I like this route.  It allows most legitimate comments to come through without any intervention or extra steps on the commenter’s part.  The comments show up immediately.  And any questionable comments will end up in the moderator’s queue where you get to decide.

My favourite plugin for spam detection is Akismet, which comes built in to WordPress.  You’ll need to get a free API key to allow the plugin access to the database, but that’s all.  The API key works for multiple sites and there are Akismet plugins for other CMS products (for example, I have a Drupal site with Akismet enabled).

The Future

What does the future hold?  Well, if the past is any indication, spam will continue to be a problem for bloggers.  As long as it gives them a benefit (i.e. traffic and/or backlinks) that outweighs the costs they will continue to find ways to put comments in our blogs.  Hopefully platforms like WordPress will be able to introduce tools to reduce spambots.  I’m hoping to see a mod that will use nonces to bounce the bots.  I don’t know if it would work 100% and there are some other issues with it.  But it may be one way to make things harder for them.

In the mean time, we have to continue to be vigilant in our fight against spam.  We need to look at our strategy to keep spam out of our blogs while encouraging good communities.  It isn’t an easy task, but I believe that it is worth it.

The Next Phase — Moderating

We will have some comments in our moderator queue that the filters and plugins weren’t sure about.  There may be some comments that went live when they shouldn’t have.  And worst of all, there may be some false positives that were flagged as spam.  In the next article will discuss how to handle this.

[stextbox id=”custom” mleft=”20px” mtop=”20px”]This post was part of a series originally posted at my blog Ramblings. I feel that this series  is a good fit for LMA so I’ve reposted them here.[/stextbox]

Female Warrior 3 image by EdwinP at stock.xchng

Related Posts:

  • No Related Posts


Battling Comment Spam – Dealing With It — 2 Comments

  1. Bill this is a real problem and a pain in the ___ for many. I have the old time and I guess the one advantage is Akismet (spelling?) which does a very good job with spam. For many reasons I wish I could migrate away from this platform but I am pretty much stuck with it. But at least Akismet is a nice tool. Your thoughts?

    • Hi Steven. Akismet (you spelled it correctly) is pretty good. But there are some other plugins which can make the job easier. I’m currently using AntiBacklinker and GASP which are part of the CommentLuv Premium plugin (it’s actually a set of plugins). They don’t require lookups to a database like Akismet does. They look more at the way that the comment is coming in to the system. I’m not sure if they are available on the platform since they restrict which plugins you can use.

      I’d still like to see features that allow me to specify certain types of comments to be blackholed (i.e. they never show up at all) rather than just blacklisted (put directly into Spam) or put into moderation.

      I see that you’re creating some great content on your blog and I’d recommend that you look into moving it to a self hosted WordPress install at some point soon. is great but limited. Self hosted is more work, but gives you much more flexibility and control.
      Bill (LoneWolf) Nickerson recently posted…Internet Marketing Mistake #1 – Building on Shaky GroundMy Profile

Leave a Reply

Your email address will not be published. Required fields are marked *

CommentLuv badge
You may put keywords with your name if you have had 3 approved comments. Use your real name and then @ your keywords (maximum of 5) For example: Bill Nickerson@List Marketing Adventure