Support » Fixing WordPress » Spam? Read this.

  • Mark (podz)


    Support Maven

    Here are 3 solutions for fighting spam:

    Get the plugin:
    Signup at for your API key.
    ( You do not need a blog there, just sign up)
    Help here:

    Get the plugin:
    Does NOT work at godaddy

    Spam Karma 2
    Get the plugin:

    Do NOT ask ‘Which is best because….’ or ‘Which one do you suggest I get’ or any variation of that – they are ALL good and yes, they can all be used together.

    SK2 will run all existing comments through it’s filters to catch spam already there.

    CJD Spam Nuke from will also ID and let you remove spam with one click

    Captcha (where you have to type words in to verify you are a human) are NOT effective. You will still get spammed. So use one of the above.

    You may also see little ‘Donate’ buttons on the above sites. As their work was given freely and saves you masses of time (do you want to delete spam by hand every morning?), saying Thanks by dropping a tip into their jar would be appreciated I’m sure.

Viewing 15 replies - 1 through 15 (of 116 total)
  • Hello, I still need help.

    1. Spam Karma allows comments that are not labelled as spam to be published unmoderated. This is NOT what I’m looking for. What options do I have?

    2. I need a program that prevents spam from being posted, not just a filter. If not possible, I need to disable the 15-second rule. A great number of legitimate commentators are prevented from posting in my blog for this 15-second thing.

    Do be aware that on some installations MANY of these plugins shut the native moderation option OFF. This means that the spam that does get through goes directly onto your blog.

    This spam problem should be dealt with at core level, and without making us jump through api registration hoops to get it. Textpattern doesn’t seem to have this problem . . .

    Do be aware that on some installations MANY of these plugins shut the native moderation option OFF. This means that the spam that does get through goes directly onto your blog.

    If you want SK2 to also obey the WP moderation options use this. That said, with BB and SK2 running only one of thousands of spams have made it even as far as my moderation queue.

    I don’t know others, but in my site, I only use Captcha, and it works fine without a single spam. On the contrary, if I disable it, I can get 10 spams in less than 5 hours

    I admit that I came here looking for this topic because in two days I received 84 spam comments for prescription medication. I’m definitely going to go buy some Vioxx right now, because these sites look very legit (sarcasm).

    Anyway, after looking at a few of these options, I decided to just do what I’ve been doing. Quickly scrolling through the comments where the real comments stand out in an obvious manner. I approve the real comments, click on the “Mark all as Spam” option at the bottom of the page, and then click the moderate button. All-in-all, not too bad of a system, and it’s built-in to WordPress already. Admittedly, I don’t get very many real comments anyway, so it’s not too hard for me to do things this way.

    I have my blog set so that people can only comment when they are registered and logged in, and yet I’m getting comments. How is this possible?

    A few days ago, my site showed a popup ad that was not installed by me. I have no clue as to how it happened. Then my blog started being spammed with comments (casino, hotels, pharmaceuticals…) About 10 a day. Anyone has this happened to their site? Are the two related? Is it a web hosting server problem or my computer? I did virus and antispyware check. Nothing found. I also changed all the passwords. That didn’t help either. I would appreciate any advice.


    Actually, my “problem” is somewhat different than most, and I’m not looking for a “solution,” just some opinions on how best to keep my blood pressure in check. (NB: I am currently using 1.5.2 – I know I should upgrade, and will eventually, but I’m reluctant to upgrade just because.)

    I do not have a comment spam problem; I have (knock on bloody wood) not attracted the comment bots yet. I do have a trackback spammer, who’s hitting me constantly. I have trackbacks moderated, and I’m using the Trackback Validator so each of the trackbacks get placed in the moderation queue, then deleted, and none of them make it to my readers. He’s not accessing wp-trackback.php directly, instead posting to the “proper” URIs (<permalink>/trackback).

    But because of the way Trackback Validator works, I get a moderation mail for each of them anyway…which annoys me no end, knowing this slime is stealing my bandwidth. (Not just mine, of course, since he’s using an army of zombied machines to send these things in.) Of course, he doesn’t care that his trackbacks are ineffective, since he has this army of other machines all over the world to do his dirty work for him, it doesn’t really matter if it works or not….no cost to him one way or the other.

    Anyway, seems my choices seem to be currently limited to 1) turning off trackbacks, or 2) shut up, stop whining, and be pleased that Trackback Validator is doing such a swell job. Truth is, I get very few legit trackbacks, but I hate to make the blog less useful because of some thief. Still I hate getting these hundreds of emails two or three times a day…makes me grit my teeth together so hard I get a headache. 😉

    I did see a WP-Hardened-Trackback plugin; anyone have any direct experience with it they’d like to share? Or other methods for hanging or altering the trackback URLs to avoid this cruft? Any other thoughts about the annoyance of trackback spam?

    Strange thing: I originally set up a WordPress blog on my portfolio website so I could test it before installing one for my wife. That was months ago and because I don’t update the blog or the site, I never get comments. Fine.

    But the other day, I decided I needed to revamp the website, so I replaced the homepage so that it is the only page available. It has no links to underlying pages (which are still on the web).

    What’s strange is that I’ve now received 23 spam comments in four days. I assume these spam programs can find unlinked pages, but I’m surprised that I’m suddenly getting spam when nothing has changed on the blog.

    Any thoughts? Worse case, I’ll remove the blog because it was just for testing.


    Did you see the plugins listed at the very top of this thread? Akismet or Spam Karma 2. Either of those with Bad Behavior and you’ll pretty much (imho) be spam free.

    Thanks… I’ll certainly try them. The puzzle is why these things are suddenly appearing.

    I am pondering the same question as cynthiablue.

    I have been running my blog for half a year without any spam. For the entire time, only registered users are allowed to post comments with me being the only registered user. When the spamming started two days ago I completely turned off the comment function in the options section and upgraded from WP 2.0 to 2.0.2, yet the spamming still persists.

    How is it possible spam keeps getting into my moderating queue when comments are turned off and noone is a registered user except my admin profile?

    Parcival, please, see this post:
    (actually the whole thread is worth reading)

    Interesting, moshu… thank you for the link.

    Some powerfull spam bot was set up a couple of days ago. Seems that I’m not the only one getting hundreds of spam comments or trackbacks every day. Wouldn’t it be fair to send the police to look for this criminal spammer/s?

    Is there a way to help catch them? I’ve got plenty of logs and stored information about this spammer. It’s all the same: drugs, hotels, etc. All spam comments look the same.

Viewing 15 replies - 1 through 15 (of 116 total)
  • The topic ‘Spam? Read this.’ is closed to new replies.