3 Plugins to help kill your WordPress comment spam

7th February 2012
Back to Blog

Services web development

You run a WordPress blog, your digital marketing is going well and people are starting to find you, but, so are the wrong ones – the spammers. Fear not, there are four things you can do immediately to stem the tide.

First, use WordPress’ bog-standard Comment settings. Some things you can update immediately are: Number of links in posts, spam words to filter, comment blacklist, moderate all comments by hand, pre-approve comments from old commenters, even restrict comments to registered users (though enforcing this means you tend to lose good commenters who don’t want to bother).

Then consider installing all these WordPress plugins for your WordPress.org self-hosted blog:

WP Hashcash

WP Hashcash is a fantastic plugin that does the following:

WP Hashcash is an anti-spam plugin that eradicates comment spam on WordPress blogs. It works because your visitors must use obfuscated javascript to submit a proof-of-work that indicates they opened your website in a web browser, not a robot. If the javascript check fails, WP Hashcash now gives you three options; it can either put the comment into moderation (default), put the comment in the Akismet queue, or delete it.

It’s main benefit is checking to see if a commenter is viewing your website through a browser or not. This helps keep out bots and other automatic spamming techniques. Very good, simple plugin.

Login Lockdown
Another simple plugin is Login Lockdown. In its own words:

Login LockDown records the IP address and time-stamp of every failed login attempt. If more than a certain number of attempts are detected within a short period of time from the same IP range, then the login function is disabled for all requests from that range. This helps to prevent brute force password discovery.

I get several notices a day just from this plugin alone, it seems to be blocking those spammers who want to hack my blog. It happened once which prompted me to install this plugin in the first place; don’t need any Cialis or Viagra, thanks!


The granddaddy of them all is Akismet; it’s the first port of call for spam blocking and it does a wonderful job because it’s web based and all users “phone home” to their servers which builds an ever growing list of spammers that can then get blocked by everyone else. A must-have on any WordPress website. Donate if you can, but you can get a free license for one website using your email address.

With any luck, these three plugins and techniques will keep your blog/website as spam free as possible.


Nathaniel Flick

I'm a Front End Web Developer passionate about usability. My primary specialties are HTML5, CSS3, SCSS, LESS, and jQuery and I am very familiar with Foundation and Bootstrap frameworks. I've worked on top of and with WordPress, Shopify, Rails, Python, and ASP.net/Umbraco frameworks.

Leave a Reply

Your email address will not be published. Required fields are marked *