Eliminating Blog Spam on Your WordPress Website

The longer your wordpress website is online, the more pages that are listed in search engines.  Getting pages listed is good for your business, for sure, but it also makes it easier for blog spammers to target your site in their efforts to get links to their own sites.  One method of doing this is referral spam.  Perusing some of the comments blocked naturally by Akismet, it is fairly clear that they were not written by a human.  Even though some of the malformed subjects and content created by spinning tools can become a source of amusement, having to manage your blog spam queue is a PIA and waste of time.

To keep your site healthy, you have to learn something about how things work and keep code up to date.  Another term for this is website maintenance.  Over the years they have been online, I have tried several things in my efforts to overcome my blog spam at GetIncomeBlog.com and my WordPress Website Development business site.

Within this post, I offer some alternative solutions and details about the one that I’ve settled on which is working perfectly for me. 

Disabling New Comments

Within the WordPress dashboard, under Settings –> Discussion, there is an option to automatically close comments on articles older that a user definable time frame.  This is probably the easiest counter-measure against blog spam but I’ve never enabled that option because most of my content is not time sensitive and I don’t want to disallow comments for people who might find it weeks, months or years after the post has been published.

Plugins

For a while, I used the Antispam Bee plug-in.  It was effective against blog spam but it didn’t allow me to review comments that had identified as spam.  Because there have been times when I’ve found comments from people that I know which have been marked as spam by Aismet, I didn’t want to risk it.

Referral Blog Spam Comments

Referral blog spam is generated by software and used by people who are looking for links back to their pages.  These people are banking on the fact that their blog spam will land on blogs where comments are automatically approved.  I’ve never set up a site that way and I’ve never allowed any of my WordPress Website Development clients to do so either.

The biggest headache for me was referral blog spam.  Recently, I implemented some changes.  After 72 hours of testing, I’m satisfied that I’ve found a solution that is worth sharing.  Bona fide comments are still delivered and there been ZERO referral spam comments.

What a gift!

Eliminating Referral Blog Spam

The  technique that I used involves three things:

1. WordPress configuration
2. Modification of .htaccess
3. Captcha plug-in
4. A little vigilance

WordPress Configuration

First, here is a screen shot of how my Discussion settings are configured at all of my sites:

Some of these are defaults but others are not.  I do not automatically approve comments from people whose past comments have been approved.  By way of explanation, the reason that I only request notification when a comment is held for moderation is because that second email that comes after I’ve looked over a comment and approved it was redundant. 

.htaccess changes

To completely eliminate referral blog spam, you must add a few lines of code to your .htaccess file.  This is a file that resides on your server and was created at the time you installed the wordpress application.  It is critical that you retain a backup copy of this file because your site may become non-operational if you do not get it right the first time and you need to recover quickly when things go wrong.

# DENY ACCESS TO NO-REFERRER REQUESTS

RewriteCond %{REQUEST_METHOD} POST
RewriteCond %{REQUEST_URI} .wp-comments-post. [NC]
RewriteCond %{HTTP_REFERER} !.*YOURDOMAIN. [OR,NC]
RewriteCond %{HTTP_USER_AGENT} ^$
RewriteRule ^(.*)$ ^http://YOURDOMAIN.com/your-page/ [R=301,L]

These lines of code are placed just above the line that says # BEGIN WordPress. You will need to customize the code to agree with your domain names and destination URLs. This post does not endeavor to teach you the function behind the above code but, in summary, what it is doing if diverting comments that are not originated through the comment form on your site and, if someone’s software is trying to do that, they are directed to a page on one of my other domains that counts down the time until Christmas.  Granted, referral spammers will never see that page but it gives me a way to track their attempts when I review statistics that are logged by the Statpress plug-in.

You can use any text editor to read and modify the .htaccess file.  When you are saving the file, you must use double quotes so the file extension is not “.txt”.

Captcha plug-in

After a little trial and error, I decided to use the SI CAPTCHA Anti-Spam plug-in.  All that I can say about my choice is that this one did not require any additional coding and it accomplished the task.

Vigilance

WordPress also incorporates the ability to blacklist commenters.  You can bar a comment that contains user defined words in its content, by commenter’s name, by URL, by e-mail, or by IP.  For those referral blog spam comments that slip through the cracks for any reason, this will be the final authority on whether or not you have to manually handle their unwanted comments.

Caveat

There is one caveat to my preferred anti-referral blog spam method.  It will only work with a self-hosted WordPress website.  In other words, if your blog is hosted at WordPress.com, you will either have to put up with referral spam or install one of the available plug-ins through your dashboard.

Incoming search terms:

• referral spam
• is the Referral Task spam
• referral top more income blogs
• statpress spam
• what is a referral if blogging on wordpress
• wordpress plugin referrer spam
• wordpress referral spam
• wordpress referrer spam plugin
• wordpress site referral

Related Posts

1. Website Conversion Tactics
2. Good Website Design and SEO are not Mutually Exclusive
3. How to SEO Optimize WordPress Images
4. PLR WordPress Websites … Turn Key or Not?
5. Anyone Can Install WordPress … Right?
6. Website Copyright: It Matters!
7. Don’t Should on Yourself!
8. Matt Mullenweg: Entrepreneur with a Vision
9. Mixing Friendship and Business is a Bad for Business
10. I’m Not Really a Waitress …
11. Panning for Gold
12. Should You Fire Your Client?
13. With all the outsourcing, is anything made in the USA anymore?
14. SEO and Watching Paint Dry
15. The Proposal …