1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

How to fight overwhelming number of spam comments?

Discussion in 'Blogging' started by billsfan2012, Jun 16, 2013.

  1. billsfan2012

    billsfan2012 Regular Member

    Joined:
    Jan 3, 2012
    Messages:
    254
    Likes Received:
    116
    Occupation:
    Internet Marketer
    Location:
    United States
    Home Page:
    Hi, I have a blog dedicated to an important subject. Believe it or not, it wasn't built for profits, but since the visitors took off, I threw up some Adsense ads, but that's as far as I'll go.

    Anyway, I've never had a blog this popular, and in the past I was able to manage the number of SPAM comments manually by just going through and deleting the bad ones, and Approving the good ones. Since I get a lot of good comments from people looking for advice and giving advice to others about this subject, it's important to me that I don't lose the good ones.

    But lately I can't keep up. Thousands of spam comments a day is something I can't keep up with.

    How can I minimize the Spam comments without losing the good ones? I do not use any plugins right now. Any good advice is appreciated
     
  2. Chintoo

    Chintoo Jr. VIP Jr. VIP Premium Member

    Joined:
    May 1, 2013
    Messages:
    445
    Likes Received:
    262
    One word - Akismet
     
    • Thanks Thanks x 1
  3. Repulsor

    Repulsor Power Member

    Joined:
    Jun 11, 2013
    Messages:
    712
    Likes Received:
    267
    Location:
    PHP Scripting ;)
    I dont know the plugins for these, but what you might want to achieve is :

    1.Block the comment from bots. - Visits without useragents,or with bot useragents.
    2.Use recaptcha in the comment form.

    I bet there are plugins made for this. So it would be simple click-install.
     
    • Thanks Thanks x 1
  4. igniteimages

    igniteimages Regular Member

    Joined:
    Apr 2, 2013
    Messages:
    393
    Likes Received:
    168
    With Akismet you can set the donation level to $0 if you like.

    I added it when I started to get the same problem as you and now I have no issues.
     
    • Thanks Thanks x 1
  5. bartosimpsonio

    bartosimpsonio Jr. VIP Jr. VIP Premium Member

    Joined:
    Mar 21, 2013
    Messages:
    8,885
    Likes Received:
    7,480
    Occupation:
    ZLinky2Buy SEO Services
    Location:
    ⇩⇩⇩⇩⇩⇩⇩⇩⇩⇩⇩⇩
    Home Page:
    +1 for Akismet

    Also, I made my own captcha, but taking the screen resolution of visitors and checking. Most robots cannot report screen resolution....so I rejected comments for those who didn't provide one. 99% success rate.
     
    • Thanks Thanks x 1
  6. Kimi

    Kimi BANNED BANNED

    Joined:
    Jan 21, 2008
    Messages:
    860
    Likes Received:
    2,472
    For the spam manual comments use Akismet.

    For automated comments (which are the most) use this method:

    http://www.wpbeginner.com/plugins/how-to-block-spam-comment-bots-in-wordpress-with-honeypot/
     
    • Thanks Thanks x 1
  7. DylanC

    DylanC Junior Member

    Joined:
    Jul 12, 2012
    Messages:
    146
    Likes Received:
    25
    Akismet. There are other spam control plugins as well.
     
    • Thanks Thanks x 1
  8. gullsinn

    gullsinn Jr. VIP Jr. VIP Premium Member

    Joined:
    Dec 24, 2009
    Messages:
    2,429
    Likes Received:
    2,210
    Gender:
    Male
    Occupation:
    Jobless :D
    Location:
    Graveyard
    Home Page:
    Akismet is the best WordPress plugin to fight against spam comments.
     
    • Thanks Thanks x 1
  9. kindarthur

    kindarthur Jr. VIP Jr. VIP

    Joined:
    Nov 27, 2011
    Messages:
    2,219
    Likes Received:
    332
    Akismet filters out your comment and track-back spam for you, so you can focus on more important things....

    Good Luck!
     
    • Thanks Thanks x 1
  10. mrblackjack

    mrblackjack Jr. VIP Jr. VIP Premium Member

    Joined:
    Dec 6, 2011
    Messages:
    960
    Likes Received:
    552
    Occupation:
    I live alone, I work alone, I make money alone
    Location:
    G00gle LaNd
    The problem with Akismet is it only filters comments that have been sent already, which is good, but still the comments are sent so still you get server overload.

    Here is a trick to prevent spam comments, not using Akismet, and it wont overload your server, on the contrary:

    1. Htaccess referrer validation
    use this code to block no-referrer requests:
    Code:
    RewriteEngine On
     
    # block comment spam by denying access to no-referrer requests
    RewriteCond %{REQUEST_METHOD} POST
    RewriteCond %{REQUEST_URI} .wp-comments-post\.php*
    RewriteCond %{HTTP_REFERER} !.*YOUR-WEBSITE.COM.* [OR]
    RewriteCond %{HTTP_USER_AGENT} ^$
    RewriteRule ^(.*)$ [URL]http://www.mattcutts.com/blog/[/URL] [R=301,L]
    
    
    this will direct all no-referrer requests made to 'wp-comments-post.php' to Matt Cutts blog :cool:

    2. Wp-comments-post.php edit
    the above method is not enough, cuz the requests are still made. Now, all spam comments' bots abuse this file for sending tons of spam:
    'wp-comments-post.php', replacing this file, will cause:
    1. they wont be able to send POST requests to send the spam comments cuz the file wont be found
    2. they wont be able to find your site in serps cuz you lack the famous foot-print.

    Now, if they do send POST requests to 'wp-comments-post.php', they will get a 404 page. Sending thousands of requests to a non existent page, will still cause server overload, cuz the 404 page will load thousands of times, so, best practice is to leave 'wp-comments-post.php' in the server, but it should be empty, and the the original functionality of 'wp-comments-post.php' should be replaced by other file.

    i.e., copy the contents of 'wp-comments-post.php' to a different file (and rename it), and leave 'wp-comments-post.php' empty on the server. When the bots will try to send POST requests to it, it will be empty so nothing will happen. it's preferable than loading a 404 page for each request.

    You need to find the files that call 'wp-comments-post.php' in the wordpress file system, and replace the call to the new file you created. These are the files that usually call 'wp-comments-post.php'

    a. 'comment.php'
    b. 'comment-template.php'

    3. Cookies
    next defense is using cookies to tag real humans. Since all spam comments' bots cannot accept cookies, we can filter them easily by assigning a unique cookie to each real user visiting our blog and testing the cookie existence against that user.

    So, go to your theme files, and locate: 'header.php' file. open it, and at the very beginning of the file (between the <?php code blocks of course), paste the following code:
    Code:
    if(!isset($_COOKIE['user'])){
    
            setcookie("user", $_SERVER["REMOTE_ADDR"].$_SERVER["HTTP_USER_AGENT"], 0 ,'/');
    
     
    }
    
    
    
    
    this code sets a unique cookie named 'user' to each real user.

    second part is validation of cookie existence.

    now, open the file you had created at stage 2 (the one that should replace 'wp-comments-post.php' functionality), and paste, at the very beginning of file (between the <?php code blocks of course), the following code:

    Code:
    if(!isset($_COOKIE['User']) || $_COOKIE['user'] != "".$_SERVER["REMOTE_ADDR"].$_SERVER["HTTP_USER_AGENT"].""){
    
          die();
        }
    
    
    
    
    this code snippet tests cookie existence against the real user to whom it was set. Since spam comments' bots cannot accept cookies, script will die.

    That's it.

    Apply the 3 stages I mentioned above, and you'll never have spam comments.

    good luck
     
    • Thanks Thanks x 3
  11. billsfan2012

    billsfan2012 Regular Member

    Joined:
    Jan 3, 2012
    Messages:
    254
    Likes Received:
    116
    Occupation:
    Internet Marketer
    Location:
    United States
    Home Page:
    Thanks for all the responses, especially yours mrblackjack, I may ultimately elect to implement that method.

    But for the time being, I'm taking the simple approach - Akismet - and i see that it has already filtered 1000 comments to my SPAM box.

    But how can I be confident that legitimate comments would not be filtered as Spam by Akismet?
     
    Last edited: Jun 18, 2013
  12. billsfan2012

    billsfan2012 Regular Member

    Joined:
    Jan 3, 2012
    Messages:
    254
    Likes Received:
    116
    Occupation:
    Internet Marketer
    Location:
    United States
    Home Page:
    So I actually decided to use "Block Spam by Math Reloaded" http://www.jamespegram.com/block-spam-by-math-reloaded/

    Half of me expects that spammers will have a way around the security question, but until then, it's nice to have a simple method of blocking spammers before they can leave a comment in the first place
     
  13. powpew

    powpew Regular Member

    Joined:
    Oct 30, 2011
    Messages:
    209
    Likes Received:
    44
    Had the same problem like you, but after installing this captcha plugin http://wordpress.org/plugins/captcha/ and enabling only +/- simple calculations as captcha, I got one single manual spammy comment in 2 weeks.
     
  14. Royalserviceteam

    Royalserviceteam Power Member

    Joined:
    Apr 2, 2011
    Messages:
    714
    Likes Received:
    230
    Occupation:
    fulltime IM
  15. bartosimpsonio

    bartosimpsonio Jr. VIP Jr. VIP Premium Member

    Joined:
    Mar 21, 2013
    Messages:
    8,885
    Likes Received:
    7,480
    Occupation:
    ZLinky2Buy SEO Services
    Location:
    ⇩⇩⇩⇩⇩⇩⇩⇩⇩⇩⇩⇩
    Home Page:
    Lucky you. I installed that and the spam flowed through like it wasn't even there. I wonder if whatever hole they were exploiting has been closed.
     
  16. billsfan2012

    billsfan2012 Regular Member

    Joined:
    Jan 3, 2012
    Messages:
    254
    Likes Received:
    116
    Occupation:
    Internet Marketer
    Location:
    United States
    Home Page:
    The captcha plugin is the same concept as the one I'm using now: Block Spam by Math Reloaded

    And I'll tell you right now, since yesterday, it has really helped control the spam issue!
     
  17. fenafillah

    fenafillah Junior Member

    Joined:
    Mar 14, 2012
    Messages:
    134
    Likes Received:
    56
    sometimes check them would be interesting one by one. You can find new ideas
     
  18. loudINMedia

    loudINMedia Junior Member

    Joined:
    Jun 10, 2013
    Messages:
    142
    Likes Received:
    14
    Location:
    London, UK
    Use plugins like disqus or a spam plugin that allows you to ban IPs that entertain spammers & they reach you back for commenting
     
  19. morgan456

    morgan456 Jr. VIP Jr. VIP Premium Member

    Joined:
    Nov 26, 2010
    Messages:
    2,114
    Likes Received:
    247
    Gender:
    Male
    Occupation:
    SEO company
    You can give a captcha to enter before letting them to add content on your site/blog.....!
     
  20. GoGetRanked

    GoGetRanked Power Member Premium Member

    Joined:
    Jun 8, 2013
    Messages:
    579
    Likes Received:
    397
    Occupation:
    CEO
    Location:
    Anywhere Baby
    Akismet ..works great
    and installs from your wp easily
    regards
    ToG