Archive for March 20th, 2011

Different Spam Filters For Blog Comments – Which One is Best?

Author: Keith Lunt

Mar 20

If you are running a blog that has much of a presence on the search engines then you will almost certainly be popular with spammers. And with loads of automated comment spam hitting you, what can you do to protect your blog?

The onion approach
As with any form of computer security I like to approach spam filters like an onion. You peel your way through one layer of protection only to find another layer protecting the insides. And that is how my spam protection works on my blogs – the spammer might get through one layer of protection, but then has to get through the next level.

How spammers work
To best protect ourselves from spammers we must understand how spammers work. Some will go around different blogs manually submitting comments. However, a lot of these will be quite good comments and useful to your blog. There is a very fine line here between good comments and spam.

Then there are the robot spammers. These trawl the internet looking for blogs to comment on. They grab your comment form and start automatically submitting automated rubbish to your blog. Because they are automated they can submit thousands of worthless comments, but they are the easiest to trap.

Level 1 – stop them at source
Stopping spammers with a Captcha form can be an effective tool, however it is a distraction to genuine comment leavers and some spammers can now beat Captcha forms. So for my blogs I have installed WP Captcha Free. It is a great little plugin, with a hidden effect. Rather than offering a Captcha it puts an encoded timestamp on the comment submission form. When the form is submitted the timestamp is checked. If the form is too old, the comment is ignored.

Implementing this plugin drastically reduced the automated comment spam in many of my blogs, it really does work a treat!

Level 2 – stop those that are submitted
Where would we be without Akismet? It is so good that it is included now as part of WordPress. Those automated spam robots on their first visit (which will get through WP Captcha Free) and manually submitted spam should be caught on this level. Without it, our blogs would be full of comment spam.

Level 3 – a manual check
The reason I looked at WP Captcha Free is that Akismet is not 100% reliable. Spam is missed and allowed through, whilst good comments risk being accidentally marked as spam. So our third and final level of spam protection is just a quick manual check. Look through your Pending and Spam comments lists and confirm each comment is where it should be. Make any corrections (after all, marking a Pending comment as Spam can help teach Akismet more tricks) and then empty the spam folder.