Quoting from the Akismet website … “Remember the days before spam ?“… Yeah, I know… Nowadays spam is everywhere : in your mail box, on your website, on your blog, on your instant messenger, on your social networking profile, in your online game, on your mobile phone, on your fax, basically everywhere we look on the internet. It has become a constant of our “virtual lives”. The good news is that spam-fighting techniques have also got a lot better.
So what exactly is spam ?
Spamming is the abuse of electronic messaging systems to indiscriminately send unsolicited bulk messages. Spam has been around for ever, since 1978 when the first email advertising messages were sent. Since then it has known a continuous increase over the years. It so widely used because it’s economically viable because advertisers have virtually no operating costs beyond the management of their mailing lists, and the fact it’s difficult to hold senders accountable for their mass mailings.
For a regular WordPress blog there are 2 large types of spam :
- comment spam, regarding comments posted as a response to a blog post. This also includes trackback spam.
- contact form spam
So what can I do ?
Fortunately there are quite effective ways of eliminating spam from your WordPress blog. We will present below 5 WordPress plugins : 3 for comment and trackback spam, and 2 for contact form spam.
Stop Comment and Trackback Spam
Akismet, the first frontier
If you own a WordPress blog, you know what Akismet is. Akismet, or Automattic Kismet, is a spam filtering service created by Automattic, the corporation which employs most of the main developers of the weblog platform WordPress, and released on October 25, 2005. Akismet attempts to filter link spam from blog comments and spam TrackBack pings.
Akismet comes already installed with every WordPress blog. All you have to do is activate it from your WordPress Admin page. For the plugin to work it requires an API key which can be obtained by registering on WordPress.com.
The plugin stats are a testimony of it’s performance. At the time this article was written Akismet plugins from all the WordPress blog caught 6,949,364,430 spam messages, and over 8 million today. On our blog has stopped since the last WordPress update over 24.000 spam comments.
- Download Akismet or use the version included in your WordPress blog.
- Log in to your WordPress blog’s admin panel. Go to Plugins and activate Akismet.
- Signup for an account on WordPress.com
- Get the API key from your WordPress.com account and go back to your WordPress admin panel. Go to Plugins -> Akismet Configuration and enter the API key. YourAkismet is now active and your WordPress blog is now protected by it.
An alternative to Akismet is Defensio. No way near as popular as Akismet, Defensio has the advantage of being available for a lot of blogging platforms like : WordPress, Text Pattern, Movable Type, PixelPost, Mephisto etc.
It has a few advantages like :
- Spam quarantine sorted by spaminess
- OpenID support
- Background color applied to spam comments to increase ease-of-identification
- Spam comments collapsed (and restorable) to allow for easy and efficient navigation
- Performance statistics provided to show how Defensio is doing on your blog
Note : Only works for WordPress 2.1 or above.
- Deactivate Akismet and/or any other anti-spam plugins by going to your Plugins tab in the WordPress control panel.
- Copy the ‘defensio-anti-spam’ folder (unzipped from the file you downloaded) into ‘wp-content/plugins/’. You should now have a file called ‘defensio.php’ in ‘wp-content/plugins/defensio-anti-spam/’.
- Return to the Plugins tab in your control panel and activate Defensio.
- Under the Plugins tab, you will find a new tab called Defensio Configuration. Go there and enter your API key (issued to you when you signed up for the Defensio service). If the key turns green, this means it has been successfully validated.
- Under Defensio Configuration, you may also set the threshold level for “obvious spam” (this can be hidden from your quarantine, at your option). We recommend you leave this “obvious spam” level at its default value (80%) until you get a feel for what a better value might be for your own purposes.
- Your blog is now protected by Defensio‘s enhanced spam filtering web service. From now on, all comments posted to your blog will be analyzed by Defensio and attributed a “spaminess” value that will help you sort and manage your spambox. Under your blog’s Comments tab, notice that the quarantine has been re-labelled “Defensio Spam”.
An extremely powerful anti-spam plugin for WordPress that virtually eliminates comment spam, including trackback and pingback spam. We use it on this blog in combination with Akismet and I must say it’s excellent. Ever since we installed this plugin, basically we didn’t have spam anymore. In just a few months it managed to stop 15.446 spam comments.
The really cool thing about this plugin is that it’s not using a CAPTCHA system and also includes an anti-spam contact form.
- After downloading, unzip file and upload the enclosed “wp-spamfree/” directory to your WordPress plugins folder (”wp-content/plugins/”).
- Activate the plugin on your WordPress plugins page.
- Check to make sure the plugin is installed properly. Go to the WP-SpamFree page in your Admin. It’s a submenu link on the Plugins page. Go the the ‘Installation Status’ area near the top and it will tell you if the plugin is installed correctly. If it tells you that the plugin is not installed correctly, please double-check what directory you have installed WP-SpamFree in, delete any WP-SpamFree files you have uploaded to your server, re-read the Installation Instructions, and start the Installation process over from step 1. If it is installed correctly, then move on to the next step.
- Select desired configuration options.
- If you are using front-end anti-spam plugins (CAPTCHA’s, challenge questions, etc), be sure they are disabled since there’s no longer a need for them, and these could likely conflict. (Back-end anti-spam plugins like Akismet are fine)
Stop Contact Form Spam
We have 2 really cool spam-free contact form plugins for WordPress. The choice between the 2 is yous to make. We use both of them on this blog.
It has a huge amount of configuration options and comes with 21 custom, different CSS styles for personalization, so it’s pretty easy to adapt it to your blog’s theme.
A demo can be found on our Submit News page.
- Download & extract plugin using its default directory
- Upload plugin directory to the /wp-content/plugins/ directory
- Activate the plugin via ‘Plugins’ in WordPress
- It is recommended to read the included “Help section” (WordPress Admin-> cformsII->Help!) because of the huge amount of configuration options, making it easy to get confused.
Secure and Accessible Contact Form v.2.0WP
This is another really cool spam-free contact form for WordPress. The main differences between the 2 (cforms II and Secure and Accessible Contact Form v2.oWP) are :
- cforms II has more configuration options
- Secure and Accessible Contact Form v2.oWP uses only question validation methods (cforms II also has CAPTCHA)
- Secure and Accessible Contact Form v2.oWP offers the possibility to ban certain IP addresses.
- Secure and Accessible Contact Form v2.oWP offers full statisticsabout the sender of the email
This contact form is also highly customizable. It comes with 16 different CSS styles, each one editable.
You can see a demo of Secure and Accessible Contact Form v2.oWP on our contact page.
- Unpack the *.zip file and extract the /wp-gbcf/ folder and wp-gbcf_readme.txt file.
- Using an FTP program, upload the /wp-gbcf/ folder to your WordPress plugins directory (Example: /wp-content/plugins/).
- In the sub-directory, /wp-gbcf_themes/, using FTP or your server admin panel, change the permission of the CSS theme files to 666, but you’ll only do this if you’ll want to edit them.
- Open your WordPress Admin panel and go to the “Plugins” page. Locate the “Secure and Accessible PHP Contact Form” plugin and click on the “Activate” link.
- Once activated, go to the “Contact Form” page and select the “Configuration” link on the sub-menu. If you need help, review the “Form Configuration Instructions.” You won’t be able to enter the URL yet, though.
- Once configured as much as you can, go to the “Write” page and click the “Write Page” If using a default page template give it a name like “Contact Page” for example.
- Now go back to the “Configuration” page and add the URL of your newly-created form page. “Save” your changes.
- Now go to “Manage” and click on “Edit Pages” link on the sub-menu. Then locate your contact page an click on the “Edit” link to the right of it.
- With the page file open, add this code <!–gb_contact_form–> to the text area and “Save” the page.