The Final Word on Comment Spam
There is what seems like a thousand plugins available to reduce comment spam from appearing on our blogs. If any single plugin worked, why would there be so many different ones, each attacking comment spam in a different way?
As I remarked in "Four Ways to Provide Convenience to Your Readers", a post at The Reader Appreciation Project, commenters go for the path of least resistance.
What comment reduction methods create resistance to real comments? Any form of CAPTCHA, including math problems. Anything that slows the commenting process down is resistance. Many potential commenters will choose not to comment rather than go through any process other than a normal form-filling process. Even though we don't want to discourage comments, we still have to do something about the comment spam.
Comment Moderation
The most effective way to filter comment spam is also the most time-consuming. If you have only one blog to deal with, comment moderation is probably the best solution, but only if you check your moderation queue frequently. The last thing you want a returning visitor who commented previously to see is that his or her comment is still awaiting approval.
Spam Blockers
There's a myriad of spam blocking plugins and services available to stop spam bots from ever touching your comment forms. The problem with all of them is that they also block legitimate visitors, even if the number of false positives is very low. In the past, I used a spam blocker for a short period of time. After getting email from a few people that said they were blocked, I got rid of it as fast as I could.
Spam Filters
I use three spam filters on this blog. Since this is a WordPress blog, the spam filters may not be available for your particular blog. They are:
- The Simple Spam Filter for WordPress. This one contains a list of spam words and phrases to compare the comments with. If a commenter gets caught by this, a confirmation link pops up and all the commenter has to do is click it and the comment goes through. Spam bots won't click it.
- The Simple Trackback Validation Plugin. The plugin lets me control suspicious incoming trackbacks (and pingbacks).
- Akismet — it's bundled with WordPress. It's like a final catch-all for spam bots. The previous plugin sends suspicious trackbacks there so they're easy to check. Very few real comments end up in the queue.
I check these spam filters daily to make sure nothing is going awry. Are they perfect? No, but using filters is better than blocking. I've heard reports of success with WP-SpamFree, but I've never used it.
[Update 2009-06-06: I now use WP-SpamFree and Akismet and have removed the other two. Only human spammers seem to get through, so I'm happy about that, at least for now.]
Human Spammers
The biggest problem with comment spam is no longer the spam bots. I rarely see them. The biggest problem is with human spammers. There are services in existence now that will pay people to visit blogs and leave comments. Sometimes it's very difficult to spot the human comment spam, so I always err on the side of the commenter.
The Final Word
If you value comments on your blog, you'll do what's necessary to keep the comments flowing. Anti-spam measures should be used with extreme caution because what keeps spammers away can also keep legitimate commenters away .
Comment spam must be filtered, however, or your blog will soon be overrun by it. As blog owners, it's our responsibility to use what's most effective on our blogs while still providing the path of least resistance for our legitimate commenters.
If you don't value comments, and your blog is a social blog, then why are you blogging?
Similar Posts:
I don't have any of these plug-ins, but I did have to turn off my anonymous users funtion on my blog. I was getting hit with weird comments about a mile long. Rantings mostly. I just don't care for spammers. I wish they would get a life. Have a great day RT.
I'm one of those people who hate any kind of CAPTCHA. Not only is it annoying to have to go through an extra step, but my vision is very poor and half the time I have to try more than once to read the letters if there's a lot of background.
I use comment moderation for the first comment only. As you say, sometimes, it's difficult to determine if a comment is spam or not. Like you, I err on the side of the commenter. I've found that Askimet does a good job of catching spam without stopping legitimate comments.
What is the "Lock Down" mentioned below the comment box?
You're the first one to comment on it. It's a note I left for when I was anticipating hitting the digg front page. I use WP Super Cache and you can lock down the comments so they don't update until you lift it.
As you already know, RT, Ernie and I moved from our Typepad hosted blog to Wordpress specifically because of spam troubles. Typepad was too limited to easily catch spam.
It's been pretty easy on our Wordpress self hosted blog. Akismet seems to catch almost all of our spam. So far only a couple cleverly worded comments by human spammers have made it through.
I notice every once in a while some spam leaks through your filters. I'm subscribed to a lot of your comments, so I get a copy too.
Captcha is so frustrating, especially Google's version. Sometimes I have to make 2 or 3 attempts. That doesn't encourage comments.
Those are almost always humans. Even though they might look like bots. You should see how many bots show up on my 404 log because they can't get through the first filter.
Right, you should take necessary measures to avoid spam in your blog.
In my experience, spammers don't target just a blog or blogs. They target *any* web form they can find, particularly the e-mail forms.
95% of the spammers seem to rely on some kind of script and most of them get caught by heuristics provided by the anti-spam filter, but there are occasionally very clever human spammers who manage to get around all the blocks we put up.
hari’s last blog post… BiaMovE – advanced mencoder GUI
I've never had any problems using Askimet, other than being labeled as a spammer and not being able to comment, anywhere. A quick note to an admin at wordpress.com straightened the whole situation out, messages to Askimet did not. It works well and I have only see four of five spam comments get through.
Captcha is a pain for commenters, It deters me unless I have something important to say. I'll look into the plug-ins you listed and see how they fare.
I use Spam Karma 2 – it tends to not get any false positives and sends me a mailed digest each day. I don't use a captcha because they are a pain the rear!
Ray’s last blog post… Test Driving Kubuntu 8.04
Wait till you get 500 spam hits a day and then come back and talk to me.
yeah, admittedly I have little enough traffic that I could probably approve every comment (or not) in real time
I'm sorry, my comment probably sounded like a snide remark. I didn't mean it that way. It's just that I do get 500+ spam hits a day.
I think it really depends on how many visitors you are receiving at your blog. For me and my blog, just as long as people are leaving legitimate comments, not stuff like "I agree" or whatever, then they should be fine. I have yet to really see comment spam with my blogs.
Honestly I would be happy to see any visitors at all.
Comment spam increases as the number of visitors increases. I think the pages with higher link authority (higher in the SERPS) are targeted the most.
What I am doing, on my blog at the moment, is to decide on a per case bases whether I will make the link 'do follow' or not.
If the comment is meaty and insightful chances are that I will make the link 'do follow', if the link is to a dodgy site and says something like 'nice post', it's not going to happen.
That's a noble way of doing it, but I'm afraid you'll start running out of time when you start getting a lot of comments. It's very time-consuming.
Well the plugin has 'do follow' as default, so if i get lazy, it's just all 'do follow'.
Also I will install some kind of captcha if the spam starts to get out of control.
Craig’s last blog post… Buy book Ireland
Its a tricky balance! I use the commentluv plugin to encourage people but still find it hard to get readers. On the other hand I delete heaps of spam on a daily basis. The no-follow default is really annoying – but he do-follow movement only seems to be a small % of blogs