How To Stop WordPress Comment Spam

Comment spam is truly a very big problem for bloggers. We all like to write on our blog and would like to see genuine comments for the articles that we write because that is the only way of getting a good feedback of what you actually do. If you are new here and not very familiar with the term Comment Spam, here is a small introduction to what it actually is. We usually install a plug-in to get comments from viewers that can be an add-one, something that we missed out or maybe a simple appreciation for that article. Since they are putting in their comments, we also allow them to share a link to their website or blog. The problem arises when people start using your comment column to promote their links or give irrelevant comments so that they can just have more clicks on their links. This is called as Comment Spam.

Say No To Auto Publish

wordpress stop spamThe main reason spammers try to get through with your comment page is because they assume that you have set the publishing to auto-publish mode or systematic publish mode, either way the comments get published automatically before checking for spam. Auto publish or systematic publish is a big NO if you are looking to have a clean site without any spam. It is better to check the comments before they are being published. In that way, you can be sure that only genuine comments are visible in your site. General comments like, ‘I like this article’ and ‘this information is very useful’ could easily be spam. To check the genuineness of the comments, look out for comments that are linked to the content that is being commented upon.

Check The Email IDs

The email ids that are given in the comments column can give you an indication that is could be spam. Check for email addresses that have the same website but a different affiliate name. These could be spam and it is better to avoid posting the comments given from such IDs.

Use Plug-ins

There are a lot of plugins’ that are available in the market that will help you in making sure that your site is not used by spammers. WordPress Captcha is one such which is used by many to make sure that there is no comment spam. This can be of great help in reducing the automated content spam. Simple trackback validation is also a plugin that can help in tracking back and validating the real ones from fake ones. Bad behavior is also a good choice to make sure that spammers do not misuse your site. This can also be used in liaison with other spam blocking plug-ins to give an effective remedy to comment spam.

There is a catch in using plug-ins for your website. Free WordPress sites cannot have the comment spam plugins. Only a self hosted WordPress site can have these plug-ins’ that are very effective and can ensure that there is nil comment spam.

Protecting WordPress With Htaccess

WordPress has become the topmost CMS in the virtual world, pushing its competitors Drupal and Joomla somewhere far behind. However, with great popularity there comes great risk! There are so many spammers, hackers and bad people in and around the internet sphere trying to attack WordPress site in the best possible way.  This is the reason why you should take some efficient steps to keep your WordPress site always protected from potential threats. One of the best ways and probably the simplest way is to strengthen the security of your WordPress website is altering the .htaccess file.

wordpress security

What is .htaccess?

Hypertext Access, shortly called as .htaccess, is a configuration file in your WordPress site directory. By making right additions or alteration to the .htaccess files, you can keep your WordPress site safe and protected from various threats. Now let us see some ways of protecting WordPress with the use of .htaccess.


One of the best ways to protect your WordPress is by restricting the use of .htaccess only to authorized personnel. This can protect the file and make sure that no one is misusing the same.

Rewrite URLs

Another good way of protecting your WordPress site from getting into a Page Not Found page is to keep rewriting the URLs. Due to some reason or the other, we intend to change the name of our website or blog. There should not be any confusion when an old visitor is trying to revisit the page. The old URL should be linked to the new one so that you do not lose potential customers. The best possible way to redirect an address to another is by using the .htaccess file. Constantly changing the URL is also one way of protecting the WordPress site from potential dangers.


The directories of your WordPress site are very important to keep the whole site intact. Hence, you may not want your visitors to keep checking into the directories. With the .htaccess configuration file, one can control the directory views and this can ensure that not all the visitors can look into the directories.

Protecting wp-config.php

wp-config.php file is one of the important files found within your WordPress installation. It contains and stores crucial information of your site such as database information and security keys. This information is very critical and you should hide it from spammers to avoid damage to your WordPress site. You can do this by editing in your .htaccess files and prevent access to your wp-config.php file.

Blocking Threatening IP Address

If you have found a particular IP address attempting to log into your admin page to attack your WordPress site, then you can block that IP address or person by using your .htaccess file.

Blocking Entry to wp-content

The WordPress content folder, within WordPress install, is an important folder that contains themes, images and other sensitive details. So, it is good to block this folder from access by other people. To do this, you must add a .htaccess file to the wp-content folder. It permits the users to view CSS, images, etc,but blocks the crucial PHP files.

By editing .htaccess files, you can boost the security of your WordPress site. Making editing is very simple; however, you should do it with proper attention to avoid big errors that if not noticed, can even break your entire site.