Protect your WordPress site/blog from a comment spam trick

Categories: WordPress

I got caught by this trick once, so I decided to share it with other webmasters who don’t know about it already.

With the default WordPress comment settings (Settings->Discussion), the requirements for a comment to appear are:

  • Comment author must fill out name and e-mail.
  • Comment author must have a previously approved comment.

This is all fine until someone posts a genuinely nice comment about your site, you approve it, and that person then turns into a spammer. Because you have already approved one of their comments, they can now post spam comments full of links without your permission.

This is how the trick works:

  1. Someone comes to your site and makes an honest, nice comment about a post.
  2. You do the only reasonable thing, which is to approve that comment.
  3. Now that the person has an approved comment, they meet both criteria for a comment to appear without the webmaster having to approve it!
  4. They come back and post spam comments with links left, right and center on your site!

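To protect yourself from this, tick the “An administrator must always approve the comment” option in the settings (Settings->Discussion). Every comment is then held for moderation, regardless of whether its author has a previously approved comment.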
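
A less strict alternative to moderating every comment, as an added example that is not part of the original post: a small plugin that keeps auto-approval for previously approved authors but holds any of their comments that contain a link. The function name `example_hold_link_comments` and the link pattern are assumptions made for this example; `pre_comment_approved` is WordPress's filter for a new comment's approval status.

```php
<?php
/**
 * Plugin Name: Hold auto-approved comments that contain links (added example)
 *
 * Drop this file into wp-content/mu-plugins/ so it loads on every request.
 */

add_filter( 'pre_comment_approved', 'example_hold_link_comments', 10, 2 );

/**
 * @param int|string|WP_Error $approved    1 = publish, 0 = pending, 'spam', 'trash'.
 * @param array               $commentdata Data of the comment being submitted.
 * @return int|string|WP_Error
 */
function example_hold_link_comments( $approved, $commentdata ) {
    // Only act on comments WordPress was about to publish automatically,
    // for example because the author has a previously approved comment.
    if ( is_wp_error( $approved ) || ! in_array( $approved, array( 1, '1' ), true ) ) {
        return $approved;
    }

    // Leave comments from users who can moderate comments alone.
    if ( current_user_can( 'moderate_comments' ) ) {
        return $approved;
    }

    $content = isset( $commentdata['comment_content'] ) ? $commentdata['comment_content'] : '';
    $url     = isset( $commentdata['comment_author_url'] ) ? trim( $commentdata['comment_author_url'] ) : '';

    // Assumed link pattern: explicit URLs, bare "www." hosts, or an anchor tag.
    $has_link = (bool) preg_match( '~https?://|www\.|<a\s~i', $content );

    if ( $has_link || '' !== $url ) {
        return 0; // 0 = hold in the moderation queue instead of publishing.
    }

    return $approved;
}
```

With this in place, step 4 of the trick no longer publishes anything: the link-bearing comment lands in the moderation queue, while link-free comments from previously approved authors still appear immediately.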


7 Responses.

  • #1 by Shorlan on December 2, 2011 - 12:41 am

    Good trick. When I first started up my blog those were the first settings I looked into. Right now a good 19/20 comments are still generic spams, but it’s those rare nice comments that inspire you to keep going.

    One additional easy tip is to Google a portion of any comment you get. Chances are, if it is generic spam, then it will be repeated hundreds of times in multiple places, verbatim or nearly word-for-word with slight modifications (Yeah, spam bots even change up their wording slightly every couple hundred posts!)

  • #2 by clean green environment on June 22, 2011 - 1:40 am

    Great information about spam comment filtration. Your work is greatly appreciated. I have already made my comment settings to rel="nofollow" to avoid any spam outbound links from my webpage.

  • #3 by splbkean on December 6, 2009 - 8:59 pm

    Great list with some I missed, so thanks! (Hey that rhymed :) )

  • #4 by Walte Call on November 15, 2009 - 11:10 am

    Thanks a lot for very useful post. But I had trouble navigating through your web site because I kept getting 502 bad gateway error. Just thought to let you know.

  • #5 by Private Label Rights on September 1, 2009 - 9:08 pm

    I love your posts! Please write more often if you can

  • #6 by tielty on December 10, 2008 - 10:05 am

    Doesn’t the link in the WordPress comment have rel="nofollow" attached to it by default though?

  • #7 by Martin on December 3, 2008 - 11:41 am

    Nice one! I need to change my comments settings.
