One of the biggest problem in running a WordPress blog is the comments spam. Being the world’s most popular blogging platform, WordPress not only offers wonderful features but also invites lots and lots of spam comments to your blog. Though plugins like Akismet helps to identify spam comments, it is essential to take some advanced steps to reduce the comments spam on your WordPress site. Al in one WP security and firewall plugin is a free plugin helps to reduce spams to certain extent. In this article we will discuss how to prevent comments spam in WordPress site using all in one WP security and firewall plugin.
All in One WP Security and Firewall Plugin
All in one WP security plugin is one of the free and popular security plugins for WordPress. It measures the security of your WordPress site with points system by defining certain points to each security measure. Navigate to “Plugins > Add New” on your WordPress admin dashboard and search for “All in one wp security” in the search box.
Finding All in One WP Security and Firewall Plugin
The plugin was installed on more than 400K active sites and offered by Tips and Tricks HQ team. Install the plugin and activate it. Once activated the plugin will create a shortcut menu “WP Security” with plenty of options. Navigate to “WP Security > Dashboard” to see the overall summary of the security status.
All in One WP Security Plugin Dashboard
Comments Spam Protection
Among many other options comment spam prevention is one of the free security features offered by the plugin. Navigate to “WP Security > SPAM Prevention” to see the comments spam prevention options. There are three tabs under this section:
- Comments Spam
- Comments Spam IP Monitoring
- BuddyPress
Comments Spam
You have two options under this section.
Add Captcha to Comments Form
The first option is to enable captcha on the comment form of your site. Enabling captcha on the comment form will add 20 points in the security scale and the plugin will automatically add the captcha without any additional plugin or .htaccess entries.
Enable Captcha in Comments Form
Once the captcha is enabled there will be a question added to your theme’s comment form and it will look like below:
Captcha Question in Comments Form
Block Spambot Comments
The second option is to block comments generated by automatic spambots. When you look into your spam comments you can easily find out that more than 90% of the spam comments are not submitted by a human user. For example, comments submitted by spambots generally use capital letters unnecessarily and have special characters in between which human users will never do it. So blocking the spambots will considerably reduce the spam comments and save lot of time for you. Enabling this option will add 10 more points to the security scale of your site.
Block Spambot Comments in WordPress
When a user manually submits a comment on your site, the referrer field “HTTP_REFERRER” should be your own domain. The plugin effectively blocks all submissions if the “HTTP_REFERRER” is not your own domain thus preventing the bots to submit comments directly calling “comments.php” file from your WordPress installation. The plugin does this by adding the following directive in .htaccess file.
#AIOWPS_BLOCK_SPAMBOTS_START
<IfModule mod_rewrite.c>
RewriteCond %{REQUEST_METHOD} POST
RewriteCond %{REQUEST_URI} ^(.*)?wp-comments-post\.php(.*)$
RewriteCond %{HTTP_REFERER} !^http://localhost [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^$
RewriteRule .* http://127.0.0.1 [L]
</IfModule>
#AIOWPS_BLOCK_SPAMBOTS_END
Comments Spam IP Monitoring
Monitoring and blocking the IP address of the spam commenter helps is reducing the repeat spam comments. This tab has three sections:
- Auto block Spammer IPs
- List Spammer IP Addresses
- Spammer IP Address Results
Since the plugin does not use .htaccess for these options, there should be no conflict when using these options on your site.
Auto Block Spammer IPs
How about automatically blocking the user’s IP when there are 3 spam comments received? You can enable this by selecting the checkbox “Enable Auto Block of Spam Comment IPs” and mention the minimum number of spam comments. For example, if you mention 3 then the commenter’s IP will be automatically blocked when there are 3 or more spam comments submitted from that IP.
Auto Block Spam Comments IP
When you have blocked IP addresses it will be shown in the box like below and you can view the blocked IP addresses any point of time.
View Blocked IP Address
Clicking on the “View Blocked IPs” button will take you to “Dashboard > Permanent Block List” and shows the list of permanently blocked IPs.
In a practical scenario, if you have Akismet plugin installed and enter 5 as minimum number of spam comments then all IP addresses leaving 5 or more spam comments will be automatically blocked.Â
List Spammer IP Addresses and Spammer IP Address Results
If you do not want to auto block the IPs and want to manually deal with the spammers IP then enter the “Minimum number of spam comments per IP”. For example, if you enter 2 and click on the “Find IP Addresses” button then all IPs from which two or more spam comments received will be listed.
Manually Blocking Spammer IP Addresses
From the list of IP addresses, you can either block individual IP address or do bulk blocking.
 BuddyPress
The last option for spam prevention is to add a captcha on BuddyPress registration form. If you don’t use BuddyPress then the plugin will show the message and this option is not useful for you. If you are using BuddyPress then enabling this option will add a mathematical captcha in the registration form and reduce the spam signups.
Adding Captcha to BuddyPress Registration Form
Conclusion
Though preventing spam comments is required, it needs lot of efforts for site owners to monitor and take necessary actions. Plugins like Akismet identify and classify the comment as a spam but does not do any further action. So we recommend to give a try to all in one WP security and firewall plugin to block the spam commenters and save your time.
Leave a Reply
Your email is safe with us.