2 Simple Steps to Block Comment Spam on Your WordPress Site

This quick tutorial shows you 2 simple steps to block comment spam on your WordPress site.

1 Disable Website Field in the Comment Form

The default WordPress comment form includes a website field, which is a way to encourage genuine comment in the early days of blogging. But now this website field is abused by spammers  to link back to their websites. Disabling it can greatly discourage spammers.

To disable the website filed in comment form, simply open your WordPress theme’s functions.php file and add the following lines at the bottom.

// remove comment author url
add_filter('comment_form_default_fields', 'website_remove');
function website_remove($fields)
{
        if(isset($fields['url']))
        unset($fields['url']);
        return $fields;
}

Save the file and you are done.

2 Install Wp Spam Fighter Plugin

WP Spam Fighter is a great plugin to stop comment spams from bots. Many spammers uses scripts to leave comments on websites. WP Spam Fighter can prevent comment spam without moderation, captchas or questions.

wp spam fighter

Install and activate this plugin on your WordPress site, then go to WordPress Dashboard -> Settings -> WP Spam Fighter. By default, timestamp protection and honeypot protection are enabled, which are enough to prevent comment spam from bots. I don’t enable Recaptcha protection because it will degrade user experience.

wordpress block comment spam

Generally, I just use the default settings in WP Spam Fighter and my site have caught almost 400 comment spams.

wordpress delete comment spam automatically

By default, comment spam won’t be deleted in WordPress database. I use the following Cron job on my Linux server to delete comment spam once an hour and delete trashed comments once a day. Replace database_name with your own WordPress database name.

# delete spam comments hourly
@hourly /usr/bin/mysql -u root database_name -Bse "delete from wp_comments where comment_approved = 'spam';"

# delete trashed comments daily
@daily /usr/bin/mysql -u root database_name -Bse "delete from wp_comments where comment_approved = 'trash';"

The above Cron job is put in root user’s crontab file.

sudo crontab -e

If you have multiple WordPress sites on a single Linux server, then you need add a cron job for each of your WordPress databases.

# delete spam comments hourly
@hourly /usr/bin/mysql -u root database1_name -Bse "delete from wp_comments where comment_approved = 'spam';"
@hourly /usr/bin/mysql -u root database2_name -Bse "delete from wp_comments where comment_approved = 'spam';"

# delete trashed comments daily
@daily /usr/bin/mysql -u root database1_name -Bse "delete from wp_comments where comment_approved = 'trash';"
@daily /usr/bin/mysql -u root database2_name -Bse "delete from wp_comments where comment_approved = 'trash';"

That’s all folks!

Rate this tutorial
[Total: 0 Average: 0]

Leave a Reply

Your email address will not be published. Required fields are marked *