It’s funny how you don’t miss something until it’s gone. In this case, I have been taking for granted the fact that a single plugin is devouring all our comment spam here at the Electron Plumber. Devouring it in the sense that the spam is blocked before it is accepted into the system, so not only have we been spam free, but the actual WordPress spam queue is empty as well.
Why would we want to do this? The built in Askimet spam filter catches 99% of spam and throws it in the spam queue right? Well, in addition to letting 1% of the spam through, it also blocks 1% of the legitimate comments and drops them in the spam queue. Since we like everyone’s voice to be heard, we used to scan the spam queue manually a couple of times a day to make sure nothing got lost.
We moderate all comments here since lots of unscrupulous people try to take advantage of the fact that we rank highly for some sought after scam program keywords in Google, and it was getting very annoying having to weed through 50+ spam comments a day before deleting them. So I decided to take action! Now we have no spam to weed through.
How did we accomplish this? A simple WordPress plugin that goes by the somewhat odd name TanTanNoodles Simple Spam Filter. It works like this:
- Any comments that has over 5 links is flagged as potential spam. This is configurable and can be set to any number of links.
- Any comment that includes any of a list of definable keywords (viagra! porn! ringtones!) is flagged as potential spam.
- Any comment that contains a definable regular expression is flagged. For example, the php-bb forum code for a link is [url=] and lots of bots try to use it even on WordPress comment forms.
Any comment that meets the above conditions isn’t rejected outright, instead the user is brought to a captcha that looks like the following:
Bots just give up on it. Which so far has blocked 99.99999% of the spam from even getting to the spam queue while still allowing legitimate uses who use spammy words or many links to still post comments, they just have to do the captcha. I’m guessing less than 2% of the comments we get here have had to go through the captcha process. We’ve had 1756 spam messages blocked by the plugin, and only one has gotten through it and even that one landed in the spam queue. It was pretty obvious that it was hand entered by a live person.
You do have to sign up for a reCaptcha account (100% free) and link it to the plugin, so it’s not totally effortless to setup, but OH MY GOD we don’t get blog comment spam anymore. Can’t recommend the darn thing enough.