Dealing with Spam Comments and Form Submissions in WordPress


If you have a WordPress site that utilizes comments or any kind of forms, you have to deal with spam. It’s a fact of online life. Spammers can be mildly annoying or outright debilitating, depending on how often and hard they hit your site. You can fight back in a number of ways. First, you can make adjustments to the settings within the WordPress dashboard. Second, you can take advantage of lots of helpful plugins for controlling spam.

Bear in mind that none of the solutions listed below is 100% foolproof. But with the right combination of solutions applied to your site, you can drastically reduce the amount of spam you have to deal with.

Adjust Discussion Settings

The easiest way to attack spam comments left on your website is to adjust the settings in the Discussion portion of the dashboard. Log in to your dashboard, mouse over ‘Settings‘ on the left side, then click on ‘Discussion‘. The new page will open up with a long list of options to choose from. On this page you can:

  • require people leaving comments to include an e-mail address and name
  • require registration in order to comment
  • require that registered users log in before they can comment
  • choose options that require comments be approved before being published.

All of these options may be suitable if you run a small site and you don’t get a ton of comments every day. But for sites with hundreds of daily users and lots of content, these settings alone are probably not going to get the job done. Furthermore, changing the Discussion settings doesn’t help with forms.

For example, consider a church website that offers an area for people to post prayer requests. Spammers can use these forms to leave the same kinds of information they would otherwise post using comments. That sort of spam has to be dealt with separately, which is best done through the use of a plugin.

Plugin Choices

As always, the best way to expand the capabilities of your WordPress site is through a plugin. WordPress comes with the Akismet plugin by default; you can start using it right away simply by activating it in the Plugins section of your dashboard. There is only one catch to Akismet: you need to register on the developer’s website in order to get the API key you need to activate the plugin. API keys are free for personal use; businesses and other professional organizations need to pay for the key.

If you are not keen on Akismet (and a lot of people are not) or having to pay to get an API key, there are alternatives:

  • SI Captcha Anti-Spam – 300,000+ active installs
  • WP-Spamshield – 100,000+ active installs
  • Anti-Spam – 100,000+ active installs
  • Spam Free WordPress – 80,000+ active installs
  • Spam Comments Cleaner – 6,000+ active installs

Each of the plugins offers a range of features you may or may not find helpful. We recommend you check them all out to see which would be best for you. At the end of the day, you don’t have to allow spammers to take over your WordPress site. You can fight back and keep them at bay.

Our Recommended Wordpress Web Hosting Provider


Get a 50% Discount by using our link.

Reliable host, with excellent customer service and an easy one-click Wordpress installation. Our recommendation to host a Wordpress blog.

Leave a Reply

Your email address will not be published. Required fields are marked *