Sometime ago, I turned off blog comments on the NPT Blog for awhile, because I was sick and tired of scanning through all the comment spam.
Here is an example of a typical comment that was being posted to the NPT Blog.
Watts Murphy, Roisin Genocide Organ Dandy Warhols Blood Has Been Shed Stapp, Scott Fall Silent Siouxsie & the Banshees Eyes All That Remains Hendrix, Jimi Shock Skrape Tanita Tikaram New Metal Generation Hell Is For Heroes Strange Land Waits, Tom D…
Duh – as if that doesn't LOOK like spam.
But some blog comment spammers are smarter and more devious. They'll post word combinations that result in coherent sentences. On occasion you'll even find complete paragraphs that make sense. Smarter still, is that the comment spammers seem to acknowledge you, your blog and sometimes even a recent post.
Here's an example of just such a comment that I found on a fishing site – no really, a FISHING site, not a PHISHING site. 🙂 :
Jim said… Hey, you have a great blog here! I'm definitely going to bookmark you!
I have a Bass Fishing site/blog. It pretty much covers Bass Fishing related stuff. Come and check it out if you get time 🙂
Don't be fooled. This is comment spam, pure and simple. When I searched Google for “Hey, you have a great blog here!” there were 183,000 results. Scan the results and you'll find entries where the comment spammer forgot to replace the keywords, as follows:
Michael said…
Hey, you have a great blog here! I'm definitely going to bookmark you!
I have a ##KEYWORD## site/blog. It pretty much covers ##KEYWORD## related stuff. Come and check it out if you get time 🙂
Barring those who forget to replace their keywords, moderating these longer blog comments is slightly more challenging than the one-two click that wipes out a hundred or more 1, 2 and 3-word comment spams posted by pharmaceutical, gaming and porn affiliates.
However, if you want to stop comment spammers from wasting your time, you need to put a few more defenses in place. First of all…
…you should set up moderation parameters for your blog.
In WordPress, select “Options“, then “Discussion“. Scroll down a bit and you'll see “Before a Comment Appears” as shown in the graphic below.
Check the boxes marked “An administrator must approve the comment (regardless of any matches below)” and “Comment author must fill out name and e-mail.
This won't stop the comment spammers, but at least the comments won't show up in the public area of your site – not unless you approve them.
Another workaround is called the ‘Comment Blacklist'.
The ‘comment blacklist' is a list of words that you want completely blacklisted from your blog.
The WordPress blog interface warns that you should “Be very careful what you add here, because if a comment matches something here it will be completely nuked and there will be no notification. Remember that partial words can match, so if there is any chance something here might match it would be better to put it in the moderation box above.”
Before I built a list of words to blacklist, I was receiving about 100 comment spams a day.
Now the spam is down to a trickle of one every few days.
Here is a list of 102 words I've blacklisted. This list isn't all encompassing – I left out the 4-letter varieties for the purpose of this post.
-online, 4u, adipex, advicer, ambien, baccarrat, black jack, blackjack, bllogspot, booker, byob, carisoprodol, car-rental-e-site, car-rentals-e-site, cash advance, casino, casinos, celebrex, chatroom, cialis, closet organizer, craps, credit-report-4u, cwas, cyclen, cyclobenzaprine, dating-e-site, day-trading, debt-consolidation-consultant, discreetordering, drug, dutyfree, duty-free, equityloans, fioricet, flowers-leading-site, freenet, freenet-shopping, gambling, health-insurancedeals-4u, holdem, holdempoker, holdemsoftware, holdemtexasturbowilson, homeequityloans, homefinance, hotel-dealse-site, hotele-site, hotelse-site, hydrocodone, incest, insurancedeals-4u, insurance-quotesdeals-4u, ionamin, ionamin, jrcreations, levitra, loan, macinstruct, meridia, mortgage-4-u, mortgagequotes, online-gambling, onlinegambling-4u, ottawavalleyag, ownsthis, palm-texas-holdem-game, paxil, penis, pharmacy, phentermine, poker, poker-chip, poze, propecia, renova, rental-car-e-site, retin-a, retirement planning, roulette , shemale, shoes, slot, slot-machine, soma, sonata, taboo, teen, texas-holdem, thorcarlson, top-e-site, top-site, tramadol, trim-spa, ultram, valeofglamorganconservatives, viagra, vicodin, vioxx, xanax, xenical, zolus
The downside to this is that if I were to write an article about promoting pharmaceutial products about which readers posted related comments and included any of the spam words above, those visitors with VALID comments would be wasting their time.
Their comments would be immediately and forever deleted.
So, creating an all-ecompassing blacklist is a trade-off, to be sure. Doing so preserves the blog owner's time but risks wasting their valued readers' time.
In that case, a blogger might consider removing a blacklisted word for a short period of time if they wrote an entry on a particular topic and expected comments to include that word.
Another option is Akismet plugin that WordPress comes with ready to be activated.
Akismet checks your comments against the Akismet web service to see if they look like spam or not and throws all those that do in a separate pile. You can then review the spam it catches under “Manage” and it automatically deletes old spam after 15 days.
To use this service you will need a WordPress.com API key.
Although it may be tempting to show interest in your blog by displaying large numbers of comments, you really should get rid of this crap – unless of course you WANT to send your visitors away to the comment spammer's site.
Hmmm… I didn't think so. 🙂
Cheers ~ Ros