How to Stop WordPress Spam Comments? (All 18 Solutions)

One of the common issues that webmasters face is receiving a lot of spam comments. Which unfortunately is a sad reality on the internet.

This kind of comment also may appear on social media platforms and each day their number increases. Even WordPress with many features and abilities faces this issue.

Although you can’t completely stop WordPress spam comments, with the help of plugins, techniques, and different settings, you can decrease the speed at which spam comments come your way or prevent them from being published.

One of the popular WordPress comment plugins is tools to stop WordPress spam comments. If the number of comments is limited, you could manually delete them but if there are a lot of them, this process could take a lot of time and energy. Therefore, in order to prevent WordPress spam comments, we should use the right tools and ensure that they work with our WordPress theme.

In this article, we will explain several ways to stop WordPress spam comments:

Spam is a message or content sent to users without them requesting it or needing the content within. These spams can be sent to your email or posted as a comment on your website.

Usually, spam comments have a business aspect to them. Nowadays, there are different types of comments posted automatically by spammer bots. In WordPress, spam comments could include a broken and malicious link.

If your comment section is full, other users won’t be able to post their real comment about the content they are viewing, due to the flux of useless spams. Ultimately, this will reduce your credibility.

Spam comments are usually posted by bots. The main goal behind the comments is to achieve a higher ranking in search engines and also, increase the clicks through rate of real visitors.

Backlinks (links from other sites to yours) are a known way of receiving better Google rankings. A spam comment is one of the easiest ways to get backlinks.

Ultimately, this will lead to a higher profit. So we can say, the main goal behind sending spam comments is to get more profit. Imagine spam comment that includes a link gets sent to a million users, what would happen if only 1% of them clicked on it?

However, there are a lot of people who merely send spam comments to get personal information. Some spam comments also may include malicious links that could potentially decrease the website’s ranking. Unfroutatenly, we see a lot of dirty competition between websites that lead to the usage of spam comments.

There are multiple ways to stop WordPress spam comments. First, we will discuss simple ways and then we move up to the more advanced methods.

The first and easiest way to fight spam comments is to disable your comment section. If your WordPress website is designed in a way that you don’t need comments, we recommend you to disable it.

The easiest way to disable comments is to uncheck comments
in settings > discussion.

Another way to disable the comment section is by using Disable comments plugin. This plugin allows you to completely disable your comment section. Also, this plugin disables trackbacks and pingbacks.

You can also use code to disable your comment section of
your pages. Simply add the code below to your page.php file:


<?php comments_template( '', true ); ?>


<!-- Begin Comment
<?php comments_template( '', true ); ?>
End Comment -->

If you want to disable comment section from your posts, you need to add the code below to your single.php file:


<?php comments_template(); ?>


<!-- Begin Comment
<?php comments_template( '', true ); ?>
End Comment -->

These codes will disable comment section from all your pages.

Another way to fight spam comment is by disabling anonymous comments.

The WordPress comment section has 4 fields:

If the anonymous comment is enabled, then none of the fields (including name and email) are required. This will make your website a prime target for spammers.

To disable anonymous comments, simply head to discussion and
enable “comment author must fill out name and email”.

Another way to stop WordPress spam comment is by enabling comment moderation. This means the comments need to be approved by a moderator before they are displayed on the website.

By enabling this option, you will have to manually approve
spam and non-spam comments before they are visible on the website.

The second option is to define words that need moderation. Meaning if it’s presented in any part of the comments, the comment will be reviewed before getting published. You can also control comments which include links.

WordPress allows you to disable the comment section for your old posts. This ability is very useful for websites that have a lot of content, such as news websites.

To do so, head over to your settings and then discussion and
locate “other comment settings” section and check the box that says
“automatically close comments on articles older than 14 days”. You can change
14 to any number you wish.

This way, WordPress will disable comments based on your settings (days – date) and they will not cause a problem anymore.

5. Blacklist for comments and spams

spam comments usually include familiar keywords. So you can easily add them to your blacklist and prevent them from posting on your website.

You can simply create a blacklist of keywords and WordPress will automatically delete a comment that includes these keywords.

To do so, head over to your WordPress settings >
discussion and look for blacklist.

In this section, you can enter your desired keywords, so if any comment uses them, it gets automatically deleted. However, you must carefully select your keywords so that your audience’s comments don’t get deleted.

As mentioned above, the main purpose of spam comments is to add a link to your site. Therefore, limiting links in comments is another way to fight spam comments.

To do so, head over to your WordPress dashboard > settings > discussion and scroll down to comment moderation, in the section which covers the number of links in a post, you can change the number of links allowed in each comment. By default, this number is 2 but you can change to 1 or even 0.

Having a URL field in the comment section will attract spammer bots. Also, there is a temptation for users to post a comment under their website’s name. These comments are usually nonsense, but their name includes a combination of keywords from their websites or sometimes their Instagram’s name.

To remove URL from comment section, you will have to add the
code below to your function.php file:

function wpb_disable_comment_url($fields)  
return $fields;


This code will remove fields in your comment section. You
can use your FTP account to access function.php file.

WordPress automatically creates different pages for your attachments (even images), so that users can view and post comments. There are a lot of these pages with the comment section on your website. If images are used in your content as a primary purpose, it’s a good idea to keep the comment section. But if you don’t want users to comment on your images, you must disable comments from the attachment page.

The easiest way to disable comments from attachment page is by installing Disable Comments. After activating head over to your settings and disable comments and click on Media. Then save your changes.

Another method to stop WordPress spam comment is by disabling HTML in comments. By doing so, people or bots won’t be able to add links or malicious codes to their comments. Simply add the code below to your functions.php file:

function wpb_comment_post( $incoming_comment ) 
    $incoming_comment['comment_content'] = htmlspecialchars($incoming_comment['comment_content']);
    $incoming_comment['comment_content'] = str_replace( "'", ''', $incoming_comment['comment_content'] );
    return( $incoming_comment );
    function wpb_comment_display( $comment_to_display ) 
     $comment_to_display = str_replace( ''', "'", $comment_to_display );
     return $comment_to_display;

add_filter( 'preprocess_comment', 'wpb_comment_post', '', 1);
add_filter( 'comment_text', 'wpb_comment_display', '', 1);
add_filter( 'comment_text_rss', 'wpb_comment_display', '', 1);
add_filter( 'comment_excerpt', 'wpb_comment_display', '', 1);
remove_filter( 'comment_text', 'make_clickable', 9 );

10. Disable sending trackbacks from new posts in WordPress

Trackbacks create spam comments. Most bloggers don’t need trackbacks. If you don’t need them, you can simply disable them and reduce your spam comments.

To disable trackbacks, from the dashboard, head over to Settings > Discussion and uncheck “Allow link notifications from other blogs (pingbacks and trackbacks) on new articles”.

11. Use Akismet to stop spam in WordPress

Although there are many plugins to stop WordPress spam comment, Akismet is the most popular plugin. This plugin automatically detects spam comments and marks them.

Akismet have many elements to detect spam comment and learns from users how to fight spam comment.

You can also see spam comment statistics from Akismet to see how much it has helped you. Akismet comes in both premium and free versions.

12. Use Sucuri to stop spam in WordPress 

Although Akismet can delete most of your spam comment, it cannot limit spammers from accessing your website. Unlimited requests from bots to post comments on your website can decrease your ranking and performance of your website.

Sucuri is one of the best firewall plugins out there. This plugin will block any suspicious requests from accessing your website. In addition, it can prevent bots from posting comments on your website, therefore, decreasing spam comments.

13. Use Honeypot to stop bots

Honeypot is a computer security mechanism designed to detect bots. After detecting bots, you can easily block their comments.

First, you need to install and activate the Antispam Bee plugin. After activation, head over to your WordPress dashboard > Settings and then Antispam Bee and enable spam detection. Then save the changes.

Honeypot is now activated and will begin detecting and block bots from commenting on your website. This plugin has other features as well. For example, adding an IP address to a blacklist.

reCaptcha is a test, designed by Google which only humans can pass. With WP Comments plugin you can add reCaptcha to your comment section.

reCaptcha is an advanced form of Captcha, which is designed to stop bots. Captcha is short for “Completely automated public Turing test to tell computers and humans apart “. Bypassing this technology is very difficult for bots.

To add reCaptcha to the comments section, we recommend the Invisible Recaptcha Plugin. It’s a great plugin that stays out of the way when necessary.

To add Invisible Recaptcha to WordPress, read our article about this very subject.

The technology behind Disqus is similar to Akismet. It’s an anti-spam technology which improves over time. Like WordPress managerial tool, this technology allows you to choose which comments need to be approved and/or which links shouldn’t be used in comments.

You can also add a blacklist and whitelist. To use Disqus in WordPress you need to install Better Disqus Comments Pro plugin on your website.

Having Facebook comments is a good option for WordPress. However, users need to log into Facebook to post comments. If your users are not registered with Facebook, the process of posting a comment on your website could be difficult and confusing.

Using this system is totally up to you. If you want to add Facebook comments to your website, simply install the Better Facebook Comments plugin.

Although CloudFlare alone isn’t enough to prevent spam comment, it can be useful.

The security features of CloudFlare can protect your website from spammers and bots and it will reduce spam comment dramatically. One main benefit of using CloudFlare is the ability to select security levels.

You have two ways to install CloudFlare. The first way is to enter your WordPress panel and install it by one click. The second way is by going to the official website of CloudFlare. CloudFlare has 5 main security levels:

  1. Essentially Off
  2. Low
  3. Medium
  4. High
  5. I’m under attack!

We recommend using the low-level security, until your website is under attack by bots or spam comment is getting out of control.

18. Use other methods and plugins

Although you can stop WordPress spam comment with plugins and ways mentioned above, there are still other ways to try.

Though Akismet is very popular and has many active users around the world, there are many other plugins with better features.

  • The Quiz is one of the best and popular anti-spam plugins. This plugin adds a question and answer form to your comment section. People need to answer the questions correctly to be able to post comments on your website. You can modify the questions and ask questions about your website.
  • WP-reCaptcha plugin has over 518 thousand downloads and 4.1 out of 5 in reviews. This plugin adds a reCaptcha box to your website and users must complete the process before posting a comment.
  • WordPress Simple Firewall plugin has over 52 thousand downloads and 5 out 5 in reviews. You don’t need to configure this plugin. It will work automatically after installation and activation which will protect your website from bots.
  • Stop Spam Comments is another plugin which works similar to a firewall plugin. It has over 12 thousand downloads and 4.5 out of 5 in reviews.


Spam comments can have a negative impact on your website, which will decrease your traffic and ranking. Cleansing spam comments can be challenging for users and you need to use different strategies to do it. To stop WordPress spam comment you can:

  • Limit number of links in
  • Create a blacklist of
    keywords used in comment spam
  • Use comment moderator
  • Limit comments
  • Use anti-spam plugins

There are also many other ways to stop WordPress spam comments that you can use.

Leave a Reply