Skip to content

Do you like spam? No, I’m not talking about the canned mystery meat, I’m talking about the unsolicited, irrelevant comments that you receive on your blog. Do you remember your first experience with comment spam? I bet this is how it went. You launched a brand new WordPress website and start writing a blog. Within minutes of clicking “Publish” on your first post, you have your first comment. “Awesome!” or so you think until you read it. Welcome to the world of having a website, WordPress or not, that allows comments.

You’re judged by the company you keep

You’re pretty sure your visitors aren’t going to get any value from “Cheap Michael Korrs” or whatever product the spam bot is trying to sell. Some bots are even smarter. Their comment is very positive about your post, but their name contains keyword anchor text and a link to their website. This is even worse than an obvious spam comment. Because it’s positive, you’re more likely to approve it and now your site is linking to and passing PageRank to a very low quality site.

This can be horrible for your site’s search performance because Google looks at all links to determine your ranking. If you link to low quality sites, Google will see your site as low quality. (The reverse is somewhat true as well, linking to high quality sites can have a marginal boost to search rankings.) This is why you shouldn’t just be flattered by some nice words. You have to make sure that everything about the comment is valid.

How WordPress handles comment posting

By default, WordPress is setup to hold all comments in moderation if they’re from a first time commenter. Once you approve the first comment from an account, any future comments are published automatically. If the spambot comment, “This is amazing! I love your blog!”¬†is approved, by default that account can now post comments without them being held in moderation. Now your blog can be filled with links to low quality sites.

To keep this from happening, I always turn off the automatic posting option. Here’s how you do it. From your WordPress dashboard, go to Discussion under the Settings menu. Find the section “Before a comment appears” and uncheck “Comment author must have a previously approved comment.” Now you need to check “Comment must be manually approved” so that you have control over comments appearing.

Comments aren’t bad so you can’t just shut them off

With all the downsides of comments, you might be thinking of just turning them off and not allowing comments. I would urge you to reconsider. The reason you have a website and write a blog is to build an audience. If you don’t allow and encourage comments, your audience isn’t going to be very engaged and won’t feel a connection to your brand. Comment spam is bad and it can be a pain to deal with it, but I’m about to show you a couple of ways to automate the process.

Akismet is your first line of defense

Whenever you installed WordPress for the first time, you also installed the Akismet plugin. Comment spam is a big enough issue that the WordPress core team has packaged spam prevention with the WordPress install. Granted, the company behind WordPress, Automattic, is also the developer of Akismet so that probably has something to do with it as well. But Akismet is really good at filtering out spam comments. For $5/month you can add Akismet to your business website and start filtering out spam, leaving only real comments for approval. If you run a personal blog, you can use Akismet for free.

But sometimes Akismet is a little quick to mark a comment as spam. I’ve worked with some small businesses who have customers that aren’t really sure how blogs and comments work. Instead of using their contact form or sending an email, these customers will leave a comment. If they throw in a lot of product or service keywords, Akismet can grab that comment as spam. So sometimes with Akismet you have to manually review your spam comments to make sure nothing slips through. Even receiving hundreds of spam comments a week, I can go through them in under 30 minutes and see if anything was missed.

Spam comments are easy to pick out once you know what you’re looking for. Visit a handful of blogs and you can find the “This is a great website!” comments in droves. These look like real, genuine comments, but they don’t add anything to your audience, they don’t reference your blog’s content, and chances are they’re being used to create an account that can freely post comments in the future.


Any website that allows comments is a target for spambots. They crawl the Internet creating accounts and posting comments full of links and keywords. While WordPress isn’t any more or less open to these comments, they’re easy to stop. By setting WordPress to hold all comments in moderation and signing up for Akismet, you can keep your website safe from spam.

How do you prevent spam comments on your website?