Comment Spam is the bane of many bloggers and website owners existence.  Comment Spam is classed as a comment on your site that targets your readers in an attempt to get them to buy a product or service (obviously not yours!).  Essentially, someone who writes comment spam does so in an attempt to get free advertising on your site – but they want you and your readers to believe they are legitimate readers of your website.

Comment Spam can look incredibly real

I’ve been having ongoing discussions with a couple of my customers who’s websites are very popular and starting to rank quite well in the search engines about comments that are classed as Spam, but aren’t being marked as such.  The question is how can this type of comment spam be alleviated

The answer is not simple… Most comment spam, looks legitimate to a software algorithm however, as the comments link back to unrelated sites and do not add to the discussion on our sites, we consider them SPAM.  Let’s look at an example of two comments (one we would consider spam and one from a legitimate visitor).

Check 1:  Is there any  ‘bad’ words or links in the comment

Comment 1:

“Hello! Someone in my Myspace group shared this site with us so I came to look it over. I’m definitely loving the information. I’m book-marking and will be tweeting this to my followers! Fantastic blog and great design and style.”

Comment 2:

“Hi, just dropped by to read your article.  Thanks for the great insight into the topic and advice on how to fix the problems I’m experiencing.  Going to share this post with my facebook friends.”

Not withstanding the Myspace reference in Comment 1… there is nothing that distinguishes Comment 1 or Comment 2 as comment spam.  Both appear to be legitimate

Check 2: Is the IP address legitimate

There are a number of checks conducted on the IP address of the commenter and the websites they enter into the comment form.  If these are all legitimate the comment will pass the check.

For Comment 1, the site posted was an existing site – I won’t link to it here, but check the screen shots below for the details.

For Comment 2, the site posted was this site… so definitely legitimate!

Check 3: Is the comment actually being posted on the site?

There are a number of Cross Site Hacks that exist that allow commenter’s to use software that automates the comment posting and increases the amount of comment spam on our sites dramatically.  This software doesn’t require the person to visit the site, it will just post the comment.  If any of these are detected, the comment will be marked as spam.

Now, let’s look at the screen shots of the comment page (click on the image to enlarge it):

comment spam

The “giveaway” that this could be comment spam:

1. The ‘name’ of the commenter looks spammy
north face jackets cheap

however, can software really determine if a name is spammy?

2. The ’email’ address they use is likely a fake one, looks ‘spammy’ and changes for each comment the person posts
However, how many of our readers have weird or just strange email addresses?

3. The sites they link back are definitely not within the niche of the site they are commenting on
With the latest Google search algorithm changes this may actually start to penalize them.

4. It’s the same IP address, posting on different posts.
However, I have certainly visited someone elses site and posted on multiple articles during my visit.

Automated Comment Spam Detection Can Only Work So Far…

Whilst software can detect a lot in terms of spam comments, there comes a point that determining legitimate comments from ‘spam’ comments requires a human to say ‘yes’ this is correct or ‘no’ it’s not.

Is the automated software working? 

Have a look at your Spam Comments list (click on the image to enlarge it):

comment spam

Catching over 4,300 spam comments is a pretty awesome thing.

Comment Factories

Most comment spam is posted by real people… Sometimes they are low paid workers and sometimes they are viral marketers trying to promote their products.  If you head over to sites like Fiverr, you’ll find you can pay $10 for a large number of comments… This type of service is usually conducted by people who are paid by the number of comments they can post – and you really shouldn’t expect quality!

Spam Comment Plugins

There are a number of SPAM comment plugins available, and I’ve tested a few of them.  The two I like most are equally as good.

Anti Spam Bee

“Anonymous and independent antispam solution. Detect comment and trackback spam. Includes statistics and notifications.”

Simple, easy to use and configure.  I like that it marks the comment with why it was classed as SPAM and that you can limit comments to certain Countries or Languages.


Akismet has been around forever and is produced by the good folk at Automattic.  Akismet is free for personal use and paid for commercial use.

The thing I like best about Akismet is the “Check For Spam” function on existing comments.  I conducted a test today on a site that I started a long time ago and hadn’t turned on a comment spam plugin.  It had just 2,500 comments….  Using Akismet, approx. 2480 comments were identified as spam.  Of the remaining comments, most were bogus and required visual identification.

How else can I reduce Comment Spam?

The cynical side of me says “turn comments” off… however, that doesn’t create a community! Here are some other ideas:

Approved Commenters

Under wp-admin -> Settings -> discussion, check the box “Comment author must have a previously approved comment”.  This will hold legitimate comments in a pending state until the comment is approved by the site admin. When that comment author posts again, there comments will be automatically approved.

Whilst this may not stop comment spam, it will stop comments being displayed to the public and the backlink given.

Use A Challenge Mechanism

I am NOT recommending this as an option – but I’ve heard others recommend it.

The idea is to put an image of characters on your comment form, that people have to enter to submit their comment.  It’s commonly known as Captcha or ReCaptcha – and they can be some of the hardest things to read and get right.  Not a great idea if you want to encourage people to post on your site.

Others have suggested a challenge question, that only members of your community would know – however, this is prone to user error and could well upset your community.

Blocking the IP Address

Again, this is something else that I’ve heard recommended but I believe it has limited benefit for the time it takes.  Whilst blocking a specific IP address will stop the comment spammer at that point it time, it will not stop them directly.  All the spammer will need to do is reset their IP address and they have access again.

Blocking segments of IP addresses may work however, you run the risk of stopping legitimate commenters and members of your community access… is this really what you want?

Use a third party comment service

I’ve have decided to use Disqus Comments on this site and it works very well.

However, how it would work on sites with large numbers of spam comments is unknown.  This is something that I shall test.


If you build a better mouse trap, the mice often become smarter… Whilst I recommend and encourage you to take measures to automatically detect what you can, I also ask you to remember that software can only do so much and sometimes human intervention is required…

Be sure to mark comments as SPAM, rather than deleting them straight away as this will allow the software to ‘learn’ what you do and don’t consider spam.






About the Author Charly Dwyer

Charly has more than 30 years experience in the IT industry ranging from hands-on technical, to high-level business management, Charly has installed and configured computing equipment and has managed business contracts in excess of $25 million dollars.

As a result, Charly identifies the best way to integrate solutions and technologies for the most cost effective way to achieve a businesses outcome.

Share your thoughts

Your email address will not be published. Required fields are marked

{"email":"Email address invalid","url":"Website address invalid","required":"Required field missing"}