How to Prevent Spam on WordPress


If you run a WordPress blog, spam is one of the unfortunate things you will have to deal with. Spam will be an issue from the very beginning and the more popular your blog becomes, the more spam comments you will receive.

While there is no sure method of getting rid of spam completely, there are ways to prevent it affecting your website. Spam mostly comes from automated bots, but WordPress users looking for a way to get some easy link juice are also a problem. Here are a few ways in which you can prevent useless comments affecting the quality of your blog.

Deleting all spam comments

Deleting spam comments is not exactly a way to prevent spam, but it is a good regular habit to get into and stops comments slowing down the loading time of your site.

Try to delete spam comments everyday by going to Comments and clicking on “Spam” from the top menu, followed by “Empty Spam.”

Hold comments

Holding comments for moderation is a good way to filter out spam and gives you control over what comments are published. To do this go to Settings > Discussion and tick the box that says, “Comment author must have a previously approved comment.” This will ensure those that comment regularly are not affected.

Here, under “Comment Moderation” you can also select to hold a comment if it contains a certain number of links (it is set to 2 by default) or a select list of words.

The “Comment Blacklist” option will automatically mark any comment containing banned words as spam.

Ban IP addresses

When a person makes a comment on your site, you are provided with the IP address; if you believe the IP is a spam bot, you can block it by adding the following code to .htaccess:

# block ip
order allow,deny
deny from
deny from
deny from
allow from all

You should change the IP to match the address of the offending comment.

.htaccess can also be used to block spam bots with no referrer by adding the following code:

# Protect from spam bots
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{REQUEST_URI} .wp-comments-post\.php*
RewriteCond %{HTTP_REFERER} !* [OR]
RewriteCond %{HTTP_USER_AGENT} ^$
RewriteRule (.*) ^http://%{REMOTE_ADDR}/$ [R=301,L]

Install a plugin

Anti-spam plugins are the best way of preventing spam and there are plenty of them available. While it can be tempting to install several anti-spam plugins, more than one can affect the speed of your website.

The plugins that I would recommend are Akismet and Antispam Bee. Both are simple and incredibly productive.

To install either plugin go to Plugins > Add New and type the name into the search box. Click on “Install Now” and then go to Plugins > Installed Plugins and select “Activate.” Antispam Bee gets to work immediately; however, Akismet will require you to get an API key from and save it in the Akismet configuration page under Settings on your dashboard.

Spam will always be a problem for WordPress, but using the methods featured here will help you form a strong barrier against it.

Our Recommended Wordpress Web Hosting Provider


Get a 50% Discount by using our link.

Reliable host, with excellent customer service and an easy one-click Wordpress installation. Our recommendation to host a Wordpress blog.

Leave a Reply

Your email address will not be published. Required fields are marked *