WordPress Comment Spam Stopped In Its Tracks! Best Plugin Ever.

by on June 28, 2009

It’s funny how you don’t miss something until it’s gone. In this case, I have been taking for granted the fact that a single plugin is devouring all our comment spam here at the Electron Plumber. Devouring it in the sense that the spam is blocked before it is accepted into the system, so not only have we been spam free, but the actual WordPress spam queue is empty as well.

Why would we want to do this?  The built in Askimet spam filter catches 99% of spam and throws it in the spam queue right? Well, in addition to letting 1% of the spam through, it also blocks 1% of the legitimate comments and drops them in the spam queue. Since we like everyone’s voice to be heard, we used to scan the spam queue manually a couple of times a day to make sure nothing got lost.

We moderate all comments here since lots of unscrupulous people try to take advantage of the fact that we rank highly for some sought after scam program keywords in Google, and it was getting very annoying having to weed through 50+ spam comments a day before deleting them. So I decided to take action!  Now we have no spam to weed through.

How did we accomplish this? A simple WordPress plugin that goes by the somewhat odd name TanTanNoodles Simple Spam Filter. It works like this:

  1. Any comments that has over 5 links is flagged as potential spam.  This is configurable and can be set to any number of links.
  2. Any comment that includes any of a list of definable keywords (viagra!  porn!  ringtones!) is flagged as potential spam.
  3. Any comment that contains a definable regular expression is flagged.  For example, the php-bb forum code for a link is [url=] and lots of bots try to use it even on WordPress comment forms.

Any comment that meets the above conditions isn’t rejected outright, instead the user is brought to a captcha that looks like the following:


Bots just give up on it.  Which so far has blocked 99.99999% of the spam from even getting to the spam queue while still allowing legitimate uses who use spammy words or many links to still post comments, they just have to do the captcha.  I’m guessing less than 2% of the comments we get here have had to go through the captcha process.  We’ve had 1756 spam messages blocked by the plugin, and only one has gotten through it and even that one landed in the spam queue.  It was pretty obvious that it was hand entered by a live person.

You do have to sign up for a reCaptcha account (100% free) and link it to the plugin, so it’s not totally effortless to setup, but OH MY GOD we don’t get blog comment spam anymore.  Can’t recommend the darn thing enough.

{ 4 comments… read them below or add one }

Jon July 7, 2009 at 7:41 am

So if comments don’t get checked by a person now, and you rely on the plugin, can’t a real life spammer still get through the system?!

buy viagra
Get some porn
Free ringtones!!!

El Plumber (admin) July 7, 2009 at 10:14 am

Well Jon, your test worked. ;)

Even if you do the captcha, it still gets put in a queue for moderation to catch the real live spammer. But now our queue typically has only a few comments a day, vs the hundreds of junk spam messages we had before.

Jon July 7, 2009 at 10:17 am

Ah, nice. Seems pretty foolproof. But now how am I going to offload all this viagra i’ve got around the place?

john fm gothicstuff.info May 3, 2012 at 4:48 am

This is great thanks. I was just thinking about getting rid of comments altogether. This will make life a little easier. Cheers

Leave a Comment

Previous post:

Next post: