How to combat WordPress comment spam

How to combat WordPress comment spam

This article explains how to mitigate comment spam on your WordPress site.  

Enable Akismet

Your WordPress installation includes Akismet, a comment spam blocking plug-in from Automattic, the company behind WordPress. Akismet detects and blocks spam with the help of its database, which contains all comments flagged as spam by its entire user base. It will catch most automated spam.

Akismet is not activated by default. To activate it, secure an API key on the Akismet website

Enable comment moderation

WordPress includes a number of features to combat spam. They can be found under the Settings menu in the main navigation menu. Select the Discussion submenu, then scroll to Comment Moderation.


From this menu, you can limit for the number of links in a comment before it is dropped into moderation. On a low-traffic blog, we suggest you restrict all comments that include a link. On a high-traffic blog with active comment threads, we suggest you leave the default setting of two links intact. Some spam will go undetected, but a lower setting will create a moderation nightmare and irritate your visitors.

Put regular offenders on the comment blacklist

The comment blacklist is located in the same section as comment moderation under the Settings menu in the main navigation menu (Figure 2). The comment blacklist flags any comments including these words as spam. The comments will not show up on your site, but will instead be held in the database. Holding comments in the database can help cultivate anti-spam plug-ins like Akismet. Be careful when adding words to the blacklist as it will match inside words as well.


Disable comments

Many sites now disable comments, thus preventing the need for moderation. If disabling commenting altogether is a viable option, the Disable Comments plug-in allows you to globally disable comments for the entire site and can even disable comments on multi-site installations.

Restrict comments to registered users

WordPress also allows you to restrict commenting to verified, logged-in users, but we also recommend the Social Login plug-in and the Jetpack plug-in, which allows commenters to validate themselves with social media credentials. This allows visitors to your site to comment on your posts without needing to create an account. 


For 24-hour assistance any day of the year, contact our Support Team by email or through the Client Portal.

Article Rating (No Votes)
Rate this article
  • Icon PDFExport to PDF
  • Icon MS-WordExport to MS Word
Attachments Attachments
There are no attachments for this article.
Related Articles RSS Feed
How to configure a WordPress multi-site network
Added on Wed, Jan 2, 2019
How to change WordPress URLs
Added on Wed, Jan 2, 2019
What is WordPress?
Added on Wed, Sep 11, 2013
How to add and remove WordPress users
Added on Mon, Jun 4, 2018
How to configure the Nexcess CDN with WordPress and W3 Total Cache
Added on Thu, Mar 8, 2018
How to install WordPress
Added on Tue, Jan 8, 2019
How to create WordPress dev sites
Added on Mon, Dec 31, 2018
How to configure WordPress heartbeat
Added on Fri, Jun 14, 2019
How to configure WordPress file permissions
Added on Wed, Jan 2, 2019
How to add Favicons to WordPress
Added on Tue, Jan 8, 2019