How to Recognize and Reduce Spam On Your Website

Spam. Anyone with a blog or a forum has had unwanted intimate relations with spam and many different spammers. Spammers are the single most persistently annoying, and sometimes confounding, issue a blog or forum owner must deal with. Whenever I start working with a client that has already set up their WordPress site and is now coming to me for some administrative help, one of the first problems that must be dealt with is the spam that has made it through to their posts.

These clients often think that because they have Akismet, and perhaps Bad Behavior or another spam plugin installed, that their site is safe from spammers. It is not and there is a bit to learn if you are to keep your site clean. Some obvious spam, like totally unrelated comments laced with links to filthy sites and pharmaceutical sales pitches, are easily stopped by the WordPress plugins. If you have installed a couple of these, at least 75% of the spam targeting your site will be blocked. But with hundreds of spams coming in every day, blocking 75% is not enough.

stop spam

Even the newest, most lonely sites will attract spammers. I recently had a client whose site had been up for many months and included over 50 posts. The site had well over 100 comments, but 95% at least were from spammers. Many of these spammers were so good that the client had even responded to the spam comment as if replying to a real person. At the end of this post, I will recommend a few specific WordPress plugins that will help keep out spammers. But first I will give some specific examples and suggestions that anyone, even if not using WordPress, can use to keep spam at bay.

Though there are several types of spam, they all have one thing in common, a desire to get links posted on your site that point back to their spammy websites. They often don’t even care if their links are ever clicked; they just want the links in an attempt to increase the validity of their sites and hopefully return their sites in the results of search engines.

Automated, Trashy, Spam: The biggest spam type is completely automated spam with many red flags that enable spam filters to fairly easily block it out. This spam often includes multiple links to many different sites. Most web blogging platforms like WordPress, etc. do a good job keeping this type out.

Automated, Targeted, Spam: This type of spam, although generated automatically by non-human methods, still tries to slip through by appearing to be related to your post content. These comments often have very generic content, that if you think about it, can be posted on almost any blog article and not always jump out as spam. Here are a few examples:

“It’s strange that we agree so much on this issue yet hail from completely different parts of the globe”
“Thanks for the great article, I enjoyed reading it”
“Good job! What a great post!”
“You got a really useful blog I have been here reading for about half an hour. I am a newbie and your post is valuable for me.”
“I’m extremely impressed with your writing skills as well as with the layout on your blog. Is this a paid theme or did you customize it yourself? Anyway keep up the nice quality writing, it is rare to see a nice blog like this one nowadays.”
“Thanks for this! I will be reading more of your posts and will come back often.”

These types of comments can fool new bloggers into not only leaving them on their sites, but replying to them in a comment of their own. The best way to deal with these is to look with skepticism at all comments that come in. Think about the content and decide whether it adds anything specific to the conversation on the post. Also click on any link the commenter leaves, including the link to their name. You can quickly tell a spammer by the content of their links.

Spammers have programs that automatically scan the web for posts that mention words like “author”, “book” etc. then post a comment that tries to sneak in by saying something, like “I have read his book once from a friend and it is very encouraging and really worth the read.” They also look for words like “vitamins”, “organic food”, “whole wheat bread” etc. etc. and then generate a comment that looks real. Hard to believe at first, I know, but these sleazy spammers are really that good!

The final kind of spam is a kind that really annoys and falls into two types, both generated by a real person. The first type is a comment posted by a person who uses a genuine sounding name like Susan or David, then tries to make a comment that also seems genuine. Often the comment will be lame because they are hurrying around to many sites leaving similar comments. They key is to look at the link they leave and decide what their motivations for the comment are. The second type of spammer leaves a comment like the first, but instead of making up a “real” sounding name, just uses a keyword as their name. Examples are “SEO Expert”, Houston Real Estate”, or “Lose Belly Fat”.

I require that people use a name, not a keyword to comment on my sites. I also check links and if a link is spammy, I delete it. I may not always delete the comment, but will delete the link. If someone is making a comment just to get a link to their site selling something, I believe they either need to make one heck of an astounding comment or they should be buying an advertisement. This approach requires some flexibility. I have a few regular commentators that leave really good comments that do add to the conversation, but the link to their site is pretty commercial in nature. I let these go. I figure if someone is regularly making well thought out comments then they are contributing in a way that prompts me to allow their link to a sales page of their website.

In short, spam is hard to monitor and spammers are tricky. The best approach is to examine every comment and the link that is left. If you are uncomfortable with anything, you have the control to delete the link, or even the comment. It’s your site so you make the commenting rules. And speaking of rules, it pays to have a few to fall back on. Believe it or not, I have had spammers on my personal site email me asking why I deleted their links. I just point them to my comment policy.

Finally for WordPress users, here are a few spam plugin recommendations.  Number one for most people will be to activate Akismet.  This plugin comes with WordPress and is used by almost all WordPress sites.  Some people do not like or use Akisment, but I have had no trouble with it in all the years I have been writing.  I recommend it but do not check the “auto delete” setting for posts over one month old.  I have also used Simple Trackback Validation for several years to stop trackback spam.  Although not updated in a long time.

For several years and until recently I have also used AntiSpam Plugin by Siteguarding.  This plugin worked great for me and others until the last couple of WordPress updates when it started catching some legitimate comments, many by people who had successfully commented on willtaft.com up to one hundred times or more.  Unable to get the issue figured out or resolved, I reluctantly have stopped using it.  I then experimented with various “Captcha” plugins that worked well.  Ultimately I decided that I did not want to require captcha on my sites because I feel it is a hurdle between many potential commentators and conversations on my sites. In a compromise I started using the Growmap Anti Spambot Plugin by Andy Bailey.  This plugin creates a simple check box that must be ticked when a comment is submitted.  It is not my ideal solution as it still requires input from a commentator, but it is simple and so far have not had any complaints from readers.