In this digital world, technology and security threats are walking in parallel. As each of our business activity is attached to the internet, you cannot deny from the fact that infection is in every corner. In web development realm, there are several verticals that are in the trap, especially the content management systems. The reason is, CMS is the core foundation to build a website and the major affected name here is WordPress. This is because it holds a major share of total websites over the internet.
While the vast acceptance of WordPress is a boon for the entrepreneurs, it is attracting the hackers to intrude on the website and reap the desired benefits. One such example is spam comments as they are harmful to your brand reputation in front of your followers and genuine readers.
Although there is no permanent solution to prevent your website from spammers, it can be reduced to the minimal extent after following some protective measures. It simply involves proper configuration of your WordPress site from a reliable web development company. Undoubtedly, WordPress is the leading CMS, there is always a scope of being safe and away from all the vulnerabilities. The WordPress developers employ smart tactics to use this platform well with extreme security.
One can follow methods to handle WordPress comments:
Activate Akismet Plugin
Akismet is a very popular WordPress plugin that is designed with an aim to remove spam comment. This plugin is developed by Automattic, WordPress parent company to take out the burden of comment moderation so that the site admin can focus on other necessary aspects of web development.
- Checks all the comments by default and drains one that seems to be spam.
- The discard feature is used to permanently block the worst spam off your site to save the disk space and in turn speed up your WordPress site.
- Shows the list of approved comments posted by each individual user to the moderators.
- Displays URLs in the comment section to track hidden links.
- Status history of each comment is stored to scrutinize the categorization made by webmaster for both flagged and spam comments.
Use Batch Comment Spam Deletion Plugin
If you have a large comment spam, Batch Comment Spam Deletion plugin acts quite beneficial in the current scenario. It makes the process of Empty spam action a bit easier by deleting the spam messages in batch instead of putting the entire burden at once. You can install this plugin from the dashboard section and it will automatically modify the action of Empty Spam button.
Combat with Honeypot
Honeypot is a famous technique to prevent spam from your WordPress website. It makes the use of a plugin called as ‘WP Spam Fighter’. Install and activate this plugin and then enable Honeypot protection by moving to Settings section. This will add a hidden form to your comment area that only bots can see. These bots are capable enough of filling all the fields in a form, hence it becomes easy to catch the spam.
Deactivate Trackbacks
In the list of spam elements, a huge chunk of comment spam is trackbacks. A good practice is to disable the trackbacks for a particular page or post of a WordPress website. You can move to the ‘settings’ section and click on ‘discussion’. Here, in the ‘default article settings’, give a check on ‘allow link notification from other blogs (pingbacks and trackbacks)’. This allows trackbacks to be disabled as per your convenience.
Implement SQL command
With SQL command, it is an easy way to all the spammy and pending comments in no time. It is a risky process as a single wrong command can lead to the vanish of complete database. So, a clever approach is to take a local back up of your database by using an effective plugin called Dropbox Backup & Restore. There is a provision to click the ‘Restore’ button if something wrong happens.
To remove all pending comments, one can follow command:
DELETE FROM wp_comments WHERE comment_approved = “0”
Likewise, below command can be used to remove all the spam comments:
DELETE FROM wp_comments WHERE comment_approved = “spam”
Put comments for moderation
It is the simplest yet powerful way that most of the site owners are accepting to be safe from spam. A fair choice is to moderate all the first comments made by a visitor. If it is a bot, it will not be approved. Else, if someone did manual comment with a sole motto to get the link juice, you can block him for the lifetime.
One can also make a check on ‘comment author must have a previously approved comment’. The logic is simple. If you find a reader legitimate enough, it is okay to approve it. When the same reader makes a comment for the next time, it will be automatically approved because of the selection you made above. It saves your time and you don’t need to handle with approving and disapproving comments at quick intervals.
In the above image, we can notice that there is an added benefit for the WordPress users to omit those comments that contain more than 1 link.
Work on .htaccess
.htaccess is a strong weapon to improve your WordPress security. Short lines of code if added in this file can strongly help reduce the spam comments.
Below code can be inserted at your .htaccess to deny bots with no referrer-
<IfModul? mod_rewrite.c>
RewriteEngine On
RewriteCond %{REQUEST_METHOD} POST
RewriteCond %{REQUEST_URI} .wp-comments-post\.php*
RewriteCond %{HTTP_REFERER} !.yourwebsite.com.* [OR]
RewriteCond %{HTTP_USER_AGENT} ^$
RewriteRule (.*) ^http://%{REMOTE_ADDR}/$ [R=301,L]
</IfModul?>
Here, you need to put your website URL in the place of ‘yourwebsite.com’. This code blocks spam bots to intrude within.
The Final Gist
You need to have a flawless website in order to deserve a long-lasting website. It can be the removal of spam comments from your WordPress website or a any other issue to work for. But, your ultimate motto must be to avoid any discrepancy from your site to the maximum extent that you can.
The above post is a small effort towards suggesting the readers with the best possible measures so that breachers can be blocked from the spam comments. It can be anything as per your convenience, either installing any plugin or making some changes in the dashboard settings.