Updated March 3, 2025
Reading Time: 3 minutes
Comment spam is the scourge of any blog or website that is trying to attract more users with a comment section on it. Inappropriate or spammy comments can seriously damage your online reputation by making your website look neglected, or by exposing your website visitors to potentially harmful links. You go away for a weekend, log into your website’s backend and see some comments. Then after excitedly clicking you see that it’s just a bunch of bots offering you discounted perfume or free traffic for your website.
Keeping Things Clean
So, how can you put the spammers permanently in the trash?
Turn off auto-publish. First thing’s first, don’t allow comments to automatically be published on your website. Change it so that an admin has to approve everything that goes live. While obviously, this creates extra work for you, it shouldn’t be too bad if you…
Check your site’s posts regularly. Don’t let them mount up. If there’s a lot of spam, it doesn’t mean there aren’t real comments in there too. You need to check often to pick out the real ones and get rid of the spam.
Keep your forum software updated and patched. Make sure that you keep your software up-to-date and pay attention to security updates. Spammers take advantage of loopholes in outdated software on websites. So stop ignoring that WordPress update you see when you log on to your site.
Don’t allow anonymous posts. If you have the option to disable anonymous comments, do so. If you’re using your site, blog or forum as a lead generation tool an anonymous post is virtually worthless even if the comment isn’t spam. So don’t lose any sleep over excluding them.
Add a CAPTCHA. As an additional security feature to keep out the bots add a CAPTCHA. They require users to confirm that they’re human and not an automated script and should weed out more robots.
You can either get a specific plugin to add a CAPTCHA to your forms or, if you’re using Gravity Forms, you can use Google’s ReCAPTCHA tool for your website to keep the bots out.
Block suspicious behavior. Many CMS systems let you set a time limit between posts or from individual IP addresses and proxies. This again will make it easier for you separate the spam from the genuine user interactions.
Turn off comments on certain pages/ pieces of content. Some blog posts will be evergreen or last for a long time. But to save you the effort of having to moderate every single page of your website, turn off comments on pages that are unlikely to generate any user response. For example, if you have a blog post announcing your trade show appearance in 2013, it’s probably safe to turn off the comments now.
Blacklisting spammy terms. Block clearly inappropriate comments with a blacklist of spammy terms (e.g. streaming, pharmaceuticals, free handbags or NFL jerseys). After a while, you should be able to create your own list of terms that exclude the spammers but keep your genuine comments out of the bin.
Binning the Comment Spam
If you follow all of these steps you should only see genuine comments on your pages, forums or blog posts. Which means you’ll have more time to focus on responding, or creating thought-provoking content.
A/B Testing Ideas