Spam is the scourge of the internet. No one wants to have spam comments filling up their WordPress website. It reflects poorly on you as a site owner, and this is especially true if you WordPress site represents your business!
The easiest way to deal with over 99% of your spam is to use the single most downloaded WordPress plugin, Akismet. (It comes bundled with the core WordPress software.)
Once you activate Akismet you will have to enter your WordPress API key. There are a couple way to get one.
If you have an account at WordPress.com then you already have one. (If you don’t you can sign up for free.) Simply go to your WordPress.com Profile Personal Settings and you’ll see your API key near the top of the page.
Copy that string of letters and numbers and paste them into the Plugins –> Akismet Settings on the dashboard of your own site. Then click the “Update Options” button and you’ll be set.
Then Akismet will automatically compare every comment to their database. The ones it calculates are spam will go to a spam moderation folder on your dashboard and your site visitors will never see them. For the occasional spam comment that gets through you can just click the red “Spam” link under that comment in your comments list and it will pull it back from your site.
It’s a good idea to scan through all the comments that get marked as spam periodically because it will also occasionally mark a legitimate comment as spam. When it does, just click the yellow “Not Spam” link and the comment will be move to your moderation folder where you can approve it so it shows up on the front page of your WordPress site.
A couple things about the way Akismet works. The filter learns from every single WordPress site owner. By marking spam comments as “spam” or “not spam”, you are “training” Akismet – and not just for your site, but for every WordPress site that’s using Akismet.
Because that’s the case, it’s a good idea to be judicious with marking comments as spam. When you do you are affecting that commenter across every WordPress site. Using that power vindictively could very well come back to haunt you. I’m just saying.
A strong Akismet competitor in my mind is Defensio. Defensio actually does more than just protect your site from spam. It also can filter out profanity and keep out links to malware by blocking links to executable files and scripts.
I was an early tester for Defensio and I have to say I like the service. The way spam is presented makes it a little faster to double check for good comments trapped by mistake. I switch between Akismet and Defensio on my sites and both do a great job.
Here’s a video with more about Defensio:
Like Akismet you will also need to get an API key to use Defensio on your site. You get one by signing up on their website.
One note: You don’t want to run Akismet and Defensio at the same time. Deactivate one before you activate the other so they don’t conflict with one another and cause problems with your site.
Another line of defense against spam on your WordPress site is Bad Behavior.
Bad Behavior is designed to use along side other spam filters such as Akismet or Defensio and works differently. Instead of filtering spam comments once they are entered into your website, Bad Behavior targets the methods by which spam is delivered.
If you still feel overwhelmed by dealing with your spam with one of the other plugins, you can add Bad Behavior and dramatically reduce the number of spam comments you ever even see on your site. Bad Behavior will block most spammer from even being able to access your site.
Simply install the plugin, activate it, and your WordPress site is doubly protected!