How to Stop Spam Comments in WordPress

Are you tired of dealing with spam comments on your blog? The unfortunate truth of the matter is that WordPress is extremely exposed to spammers unless you take steps to mitigate it. Just by having your website address be shared anywhere on the web, your risk of attracting spam comments increases by 100%.

Fortunately, it only takes a few steps to configure your WordPress site so that it becomes resilient against comments of unnatural nature. And this article will discuss in detail how to prevent spam comments, which plugins to use, and whether you should consider alternative comment systems.

Let’s answer the following question first, though.

Why do blogs get spam comments?

We live in 2022, and yet blog spam is as present as it ever has been. Sometimes I think to myself that someone simply forgot to turn off their automated tools many years ago. Because, in reality, the benefits of bombarding sites with poorly written comments are practically non-existent.

Still, here are the two main reasons blogs get spammed:

  • Spammers want to increase the number of websites pointing (backlinks) to their site, hoping that it will increase their SEO rankings.
  • Shady marketers use spamming techniques to try and attract customers to their products.

The first reason, despite its popularity, is quite laughable. Google has long devalued links that are tagged with tags such as “ugc” and “nofollow”. And, as we know, WordPress by default marks all links as nofollow when they are shared in a comment.

WordPress spam comment example

The example screenshot above shows a small variety of comments you might get from spammers. The pattern is immediately visible. The comments are mostly pointing back to malicious software websites, casino platforms, or otherwise services that are not to be trusted.

Above all, letting such comments slip through leaves a bad impression on your site visitors.

This brings me to my next point.

Is it worth having a comment section?

If you have been actively involved with websites over the last 10 years, you’ll know that blog comments are slowly fading away. Platforms like Twitter and Reddit have become the go-to platforms for having conversations, and fewer people are leaving comments on published blog content.

It used to be that blogs were written specifically for readers. And those blogs would naturally attract comments and engaging discussions. And while such blogs are still out there, it is worth asking yourself if you need a comment section at all.

blog comments example

You could very well move your entire discussion environment to a site like Twitter. And, in turn, encourage your site visitors to join a discussion there. Which would also help you grow your social media following.

It’s just a thought, of course, but one worth considering.

How to prevent spam in WordPress comments

The following section is dedicated entirely to various methods you can apply to start dealing with spam effectively. We’re going to focus on 3 different techniques: using in-built tools from WordPress, activating a plugin, and lastly – exploring the option of using 3rd-party comment systems.

Setting up the correct Discussion Settings

The very first thing you can do is go to your WordPress dashboard. From there, navigate to Settings and select Discussion Settings. This will open up a panel where you can customize a variety of options for how you wish comments to be managed on your site.

The setting of interest here is under the “Before a comment appears” option. Here you want to tick the checkbox that says, “Comment author must have a previously approved comment”. It will do exactly what it says. Once you save the settings, any new comments on your site will be held for moderation.

You can go a step further and also tick the box that says that comments must be manually approved. In fact, the latter option is quite popular among reputable publisher platforms. It is a good alternative to having a plugin that automatically detects spam, however – you will need to check each comment manually, including all the spammy ones. It can turn into quite a lot of work!

So, it is highly recommended to use a plugin. And for this purpose, we have two solid choices.

Using plugins to prevent spam

The advantage of using a plugin is that you can automate the entire spam detection process. But, what are the best plugins for the job? Over the years, things have changed slightly in the WordPress plugin ecosystem. A lot of the plugins that once were “free” are now crippled with freemium and pro plans that have a limited number of features unless you pay up.

So, our goal is to highlight the plugins that can help protect you against spam for free.

Here are the picks.

#1: Akismet


The one and only Akismet Spam Protection plugin. Brought to you by the same lovely people who built WordPress in the first place. Now, Akismet is a fantastic solution. There is no question. However, in recent years they have shifted their model a little bit. It is free to use the plugin only on non-commercial sites!

So, if you show advertisements or promote affiliate links on your site – you (technically) have to become a paid customer. However, it’s worth noting that Akismet does not enforce this overly strictly. As long as your site doesn’t get millions of spam requests every day – you should be in the clear.

Once you download and activate the plugin, you’ll need to obtain a unique API key from Akismet. This process is automated inside your WordPress dashboard. Follow along the steps to create an Akismet account, get your API key, and then activate it inside the plugin. That’s it. Your comments will now be automatically moderated, and of course, protected against spam!


#2: Antispam Bee

Antispam Bee

Our second recommendation is the Antispam Bee plugin. Because the plugin is completely open-source, it means you will never need to worry about any licenses. Use it on both commercial and non-commercial sites as you please.

Let’s look at some of the features that Antispam Bee provides in the fight against spam:

  • You can disable comments in any language other than the one you prefer to use.
  • You can create a pre-approved database of trusted commenters.
  • Add custom indicators that can automatically judge whether a comment is spam.

And other custom features. Overall, the goal of Antispam Bee is to help you customize a list of settings and regulations that will determine whether a comment is spam or not.


Comment systems with in-built spam protection

It’s unlikely that the concept of “spamming” websites is going to go away any time soon. For people who do it, even a 0.01% success rate can be considered “worth the effort”. But, as a website owner – you’re the one having to deal with all that noise directly. So, an alternative is to use a comment system that does a lot of the heavy lifting on your behalf. Here are some of our recommendations.


Jetpack is yet another plugin built by the original WordPress team. And, the plugin comes with its own custom comment system which is based on the type that is used on websites.

The nice thing about Jetpack is that it provides a lot more than just an alternative commenting solution. The plugin covers areas like website security, backup management, migration, and other useful features.

And since Akismet is also part of Jetpack – you can rest assured that spam will be dealt with the right way.


Disqus is one of the more refined commenting systems. It is completely separate from WordPress and requires you to create an account on their platform. It is nonetheless an incredibly popular system that is used by both publishers, bloggers, and everyday writers.

The WordPress plugin lets you embed Disqus comments directly as a replacement for the native WordPress commenting system. The advantage of Disqus is that it supports a variety of login methods, including a Disqus account but also social media profiles.

In fact, adding Disqus to your site can have some great benefits in regard to discussions. Because people already have an account, they might feel more inclined to comment on your site since it won’t require them to write out their personal details.

And, as is outlined in their documentation – Disqus implements a custom-made spam protection software. All in all, it’s not a commenting system known for being invaded by spammers.


All in all, this article covered all there is to know about fighting back against spammers. The in-built tools from WordPress are decent, but certainly not exhaustive. And, we also looked at some other options that you can consider if you feel like the default comments system is too plain, or simply too easy to attack.

In fact, if you use something like the Wordfence security plugin – you’ll get frequent alerts when your blog starts attracting unsavory commenters. In other words, spammers. At the very least, you can block out the most commonly known IP addresses and then let the plugins mentioned in this article do the rest.

Leave a Reply

Your email address will not be published. Required fields are marked *