I just found one interesting article about stopping spam on WordPress’ blog. Article is from catswhocode.com and is called “Top 10 ways to stop spam in WordPress”. Everything’s fine. We should fight with all kind of spammers. However… not all the possible ways.

First I will present TOP10 ways from catswhocode.com:

1. Install Akismet
2. reCAPTCHA
3. Ask your readers to do 1+1
4. Stop spam trackbacks
5. Make users login to comment
6. Ban spammers by IP
7. Ban spammers by IP, on a massive scale
8. Deny comment posting to no referrer requests
9. Stop content theives
10. Stop spammers stealing your images

Ok… and now:

I won’t talk about point 9 and 10, because these are about technical aspects of preventing from stealing content and that is related to each blogs’ policy of privacy. Some of the bloggers don’t want to give possibilites to copy their content, for some of them – it doesn’t matter.

Lets get down to the nitty gritty… first what you need to understand is that your commentators are the humans, generally really busy humans. You need to understand that people don’t like to comment non-popular blogs or websites. They don’t even like to write comments on popular websites. They want have to write comment below the post – that’s why they write it. They have to, because:

• they want to promote themselves and their websites or blogs
• they want to ask for something
• they want to promote themselves and their websites or blogs

And… what’s the most important: they want to do it fast and in the easiest possible way.

That’s why all kind of things, functionalities, functions, mechanisms which could complicate the comment form are nothing more than just a bad idea. None of the anti-spam mechanism are good enough, none of them will give you 100% guarantee of success. There is only one way for 100% protection from spammers: turn off your website or blog. However… that’s not what we want.

Of course… we should fight with spammers. However… we need to use thoughtful solutions.

1. Akismet

Absolutely YES. The best (and the easiest) way to protect from spammers.

“Akismet is a spam-fighting service that is different from others such as Spam Karma 2 or Bad Behavior in that it checks the content of the comment anonymously with an online server, to determine whether it is spam or not.”

What’s the most important: editor has much less of work and nothing has changed for the commentators – he (or she) doesn’t need to do anything else, than he (or she) had to do, before akismet has been turned on.

2. reCaptcha

Absolutely not. If you don’t  have any other options (like in register forms) – it could be not bad (not good – just not bad). However… in this case – it’s not.

It’s always hard to read it. Most of the spam bots can broke it without any problem. User (commentator) needs to think, read, try to write it… Bad solution!

3. Ask your readers to do 1+1

Not so bad, as reCaptcha… however it’s still not what we want.

It’s not so hard to read it, however… user needs to read it, needs to count it, needs to think about it. And what’s the most important… spam bot can do it, as well – even faster than your users.

4. Stop spam trackbacks

Could be good, however I’m not really sure is it really usefull for us. I don’t use it, however maybe I should try?

“It checks if the IP address of the sender of the trackback is the same as the IP address that the trackback URL refers to, thus eliminating [lots]% of trackback spam as spammers won’t use bots running on infected machines.”

5. Make users login to comment

Absolutely not. Nobody wants to register on your site, everyboby has an account on facebook, twitter, gmail/yahoo/msn/hotmail. They don’t need next account, they will forget their username and password to your website.

They simply want to add a comment to your post! Nothing more.

6 and 7. Ban spammers by IP / Ban spammers by IP, on a massive scale

Could be good, but:

• you need to have technical skills to do it
• you need to be absolutely sure that all kind of ‘users’ from these IPs are spammers – if some of them are not – you will loose commentators, because they won’t return anymore after you would call them spammers

8. Deny comment posting to no referrer requests

Hmmm… that’s really hard to say is it good, or not.

In my opinion: it’s not a good idea to use HTTP_REFERER ever. If you can use something else – just use it. HTTP_REFERER doesn’t work properly in some situations, there is no HTTP_REFERER if you are using 3rd party application, etc. I don’t recommend this solution.

So summary…

use Akismet, eventually… stop spam trackbacks and if you are absolutely sure – ban spammers by IP. After that… do not be afraid to dirt your hands. Just be patient and come to terms with nothing is perfect. Sometimes you need to do something by your own hands – none of the tech solutions are perfect.