Beat all kinds of captcha validation! Optimal WordPress comment spam blocking method - fast and high blocking rate!

WordPress spam comment blocking
Article List
Article List

There is no place for spam comments! Being OCD I have no tolerance for spam comments/emails. Plus I'm a speed freak, so I've been looking for a spam blocking method that balances block rate and speed. Here's what we've learned about WordPress comment spam blocking.


The dangers of spam comments

WordPress spam comments are too much, all marketing advertising and external links implanted. Generally occur in the article comments, the input url will be automatically inserted into the comment avatar, name inside so as to generate external links. External link implantation of the comment content is generally 1-2 praise words: "Thank you for the author to write such a good article to help us", and so on and so forth.

Spam comments are automatically scanned and replied by bots, and most of them can be blocked by plugins such as Google reCAPTCHA, but there are still some programs that can break CAPTCHA and receive spam every week.

Comments that have nothing to do with the content of the site will affect the normal visitor experience, while reducing the weight of the site affect SEO results. If the comments with phishing URLs may also cause property damage, viruses, etc. If you set up new comments and forms to automatically send email alerts, you will receive emails as soon as there are spam comments, which is very annoying.


WordPress spam comment blocking efficient method

WordPress spam comments often occur in article comments, forms, Woocommerce product reviews. The following shares the corresponding blocking methods according to different contents.

First, the conclusion.If you are using Cloudflare, it is preferred to use theCloudflare Turnstile Verification CodeThe interception rate as well as the speed is the best, and there is no need to install any other CAPTCHA plugins. If you don't useCloudflare, recommendedMaspik PluginIntercept, if the effect is not enough you can addWP Armor.

At the same time, you should also follow the tutorial below to make some basic settings to greatly enhance the interception effect, such as article comments to enable "comments must be manually approved", so that spam comments will only be displayed on the front end after manual approval.


WordPress article spam comment blocking method

Article spam comments are the hardest hit, and the vast majority of CAPTCHA plug-ins only take effect on the form, the article comments can do nothing. Here we recommend an efficient and simple blocking method, you just follow the method below, you can block 99.99% article spam comments.

Go to "Settings" > "Discussion" to prevent spam comments from showing up automatically.


The red boxes below are ticked

Pasted 2

Pasted 3

Then installMaspik Interceptor Pluginin accordance withMaspik Setup TutorialJust set it up.

If you want to intercept even better, you can add theWP Armor Honeypot Antispam Plugin + UseCloudflare Turnstile.


Woocommerce spam evaluation blocking method

A few years ago, a Singaporean foreign trade company found us to change the WordPress website, and one of the requirements was to block the website spam comments. The client said the website would receive dozens of hundreds of spam comments every day, and the mailbox was jammed.

The client said the site was made by a good friend who hired an Indian guy to make it, using a cracked theme / plugin that has not been updated for many years. There is no firewall and no spam comment blocking, and the product comment section is a spam disaster area.

Woocommerce product reviews should also do spam comment blocking, the settings are relatively simple. If it is 2B website is not recommended to open the product evaluation function, set it off according to the following chart. Modify the path: Backstage Woocommerce section > Settings > Products, find the evaluation settings.

Pasted 16

If it is a 2C e-commerce website you need to turn on the comment function to help improve the conversion rate. Check the box as belowOnly "verified users" can participate in the evaluationOnly customers who have purchased can evaluate and eliminate spam comments from the root.

Pasted 17

If you want to intercept even better, you can add the installation of theWP Armor Honeypot Antispam Plugin + UseCloudflare Turnstile.


Form (form) spam blocking method

Form (Form) is the following chart to allow customers to submit information / message input box, commonly used to create inquiries, message system, the site must. Form is also a spam message disaster area, according to the above method set up after the basic receipt of spam comments, but the form spam message or there is a leak of fish.

Pasted 73

At present, people mainly use various Captcha to block spam messages, the blocking rate is good, but still receive bad messages every week. Moreover, these CAPTCHAs require online verification, which slows down the form submission and page loading speed and affects the user experience, so it is not recommended.

After multi-site experiments, we feel that the installation of blacklist keyword blocking plug-ins to intercept the best results, the fastest. Different forms have different blocking plug-ins and methods, here we mainly introduceFluent Forms ProForm and Elementor Pro form spam blocking methods.

Other forms (e.g. Wp forms, Ninja forms, etc.) refer to Elementor Pro form blocking method, similar installationMaspikThe blacklist keyword blocking plugin can be used, please move to Baidu and Google for details.



Fluent Forms Pro spam blocking method

If the page where the form is located does not contain Elementor code, it is recommended to use the Fluent Forms Pro plugin to create inquiry forms, message functions, etc. Fluent Forms Pro isFastest speedform plug-in that makes it easy to create forms with dozens of form templates.

If you are currently using a plugin like WP forms to create forms, we recommend switching to Fluent Forms Pro, which is faster and has a higher spam blocking rate. ClickDownload Fluent Forms Pro plugin and see how to create forms accordingly.

Fluent Forms Pro Benefits.
Speed.We have comparedWP FormsAmong the several well-known form plugins within, Fluent Forms is the fastest, loading only the four resources in the figure below for a total of 47.3KB on the front-end, and adding form code only on pages with Fluent Forms.

If the form is inserted via shortcode, the resource in the red box below can be disabled site-wide, as it only works if the Fluent Forms form is inserted via the Elementor widget.

Pasted 70

In comparison WP Forms forms load over 100KB of resources on the front end; Ninja Forms loads over 200KB; Contact Form7 loads form code on all pages.

Form storage.Fluent Forms comes with a form storage function, and there will be a prompt in the background for new messages to avoid missing inquiries. Contact Form7 doesn't have form storage function, you need to install additional DB plugin, and the interface is not very friendly.

Powerful features.Fluent Forms has many types of form templates and features to do collections, conversations, subscriptions, surveys, signature functions and more. It is easy to extend the functionality of your website later. It is easy to set up and recommended to use.

Spam protection.Fluent Forms' honeypot function is more powerful than that of similar plugins. And there is a unique field blacklist blocking function, which can individually set which keywords are prohibited in each input area, greatly improving the success rate of blocking spam messages.

Click to viewWPForms VS Fluent FormsClick to viewGravity Forms vs Fluent Forms.

The unique blacklist keyword blocking feature and powerful honeypot feature can effectively block spam/message. With this form plugin there is no need to install the Maspik spam comment blocking plugin mentioned below, Fluent Forms is highly recommended!


Fluent Forms Pro Message Blacklist Keyword Settings

In the "Settings&Integrations" settings of the corresponding form, find "Form Settings" > "Advanced Form Validation".

Pasted 54

The following is the method to set the blacklist keywords of the form, choose the input box type of the form on the left, choose contails in the middle, and enter the blacklist keywords to be blocked on the rightmost side. Please set the keywords according to your own website.

At the beginning of the interception rules should not be set too strict, for fear of injuring normal visitors. Subsequently, according to the content of the spam form and then increase the keyword interception appropriately.

Pasted 71


The honeypot feature should also be turned on, with a max blocking effect! The honeypot is a hidden input box that only bots can see. Once a bot enters something into this hidden box, it will be blocked. Click into "Global Settings".

Pasted 64

In "Settings", find.

There are 3 types of Captcha settings in the "Global Settings", which can be turned on as needed. In principle, we do not recommend using any Captcha validation, as it will reduce the customer experience and have an impact on the page loading speed.

Pasted 106


To continue to enhance the blocking effect, it is recommended to enable Cloudflare'sTurnstile, faster, good interception, no need to visit an external server to verify, better than reCaptcha.

Enable method: Click the following figure in numerical order to enter the Turnstile setup page, fill in 2 Keys (first go to Cloudflare to generate), click the blank position, it will be automatically verified and linked to the Turnstile. if the link is successful there will be a prompt, if the link is unsuccessful there will be no prompt, it should be a problem with the Keys to check it out themselves.

image 1

Pasted 95   

Pasted 90

Be sure to test the form blocking feature with your browser privacy mode after setting it up. If you use forms like Wp forms, you can search and download other similar keyword blacklist blocking plugins instead of Maspik.


Elementor Pro spam blocking method

If the page where the form is located is built using Elementor (Ele for short), we recommend using Elementor Pro to build the form by clickingDownload free Elementor ProElementor's forms feature is very good, easy to use, more powerful, no need to install Contact Form 7 (CF7), Wp forms and other plug-ins to increase the burden on the server.

And Elemenotr form submission is fast, recommended to installContact Form DB PluginSave the ele form (inquiry) data submitted by customers in the background, there will be a prompt at the top of the background when a new form is submitted.

To enhance Elementor Pro's spam blocking capabilities, you need to installMaspik PluginPlugin. The local validation burden is small and fast, and the free version supports Elementor, WordPress article comments, and is perfectly adequate.

If you still want to intercept better, you can install theCloudflare Turnstile plugin.

First turn on the honeypot function in Ele form, then install the Maspik plugin and set it up as per the tutorial below.

How to insert inquiry buttons and forms into the product detail page template?

If a product detail page or something is made using a theme (instead of Elementor), many people don't know how to insert the Inquiry inquiry button and inquiry form. In fact, you can use the Hook method to insert them. For details, please go toThe super practical WordPress Hook usage sharing, page insert inquiry button, form, ACF field, etc..


Excellent plugin recommendations for blocking spam registrations, messages/comments

In addition to the above mentioned methods, you can also install other plug-ins to further enhance the spam blocking function, it is recommended to install them as needed, and some duplicate functions are recommended to be enabled only in one place.


WP Armor - Honeypot Antispam

WP ArmorCombines the use of JS (which spambots can't use) and unique hidden fields to block spam, and works much better than the honeypot feature that comes with the form. Very lightweight, doesn't make any external calls and is GDPR compliant. If you have a form plugin or something that already has honeypot functionality, you don't need to install this plugin.

The free version is suitable for protecting the content below ↓ and they have a premium version if you need extra protection. The plugin is updated regularly and the developers are very active in the support forum.

Pasted 100


Maspik Forms Blacklist Keyword Blocking Tool

MaspikMaspik is a message content blacklist keyword/email blocking plugin, after setting the blacklist keyword/email, when the message appears in the corresponding keyword/email will be blocked. Local validation, no code added to the front-end, so it is fast.

The free version applies to the content below, it is highly recommended to install it if using Elementor forms, Fluent Forms comes with this feature without additional installation.

Pasted 101

Here's a tutorial on how to set up and use Maspik:

1- Download and installMaspik PluginAfter entering the plug-in Options settings interface ↓.

Pasted 6

The other features are enabled on demand.

Pasted 8


2- Go to plugin blocking settings

Pasted 7

A reminder will appear at the top where the block will take effect in this plugin

Pasted 11

Leave the default settings as they are, except for those mentioned below.

In the "Email field", enter the email address of the spam message you received.

Pasted 85

 In the "Text area field", enter the keywords to be intercepted, one line at a time.

Eric Jones
Emma Miller
seo software
fixed monthly
Instagram growth
monthly fee
with graphic design
AI system
AI system
AI system mathewbloch
monthly fee

image 3

Caution.If the site has registered members, and the member information is bound to the URL, set the ban on comments "http" will lead to members can not comment. This is because the member's comment will automatically insert the bound URL into the url box, resulting in interception. You need to remove the "http" blocking keyword, or disable the backstage members bound URL.

In the ""Text area field"↓ enter the intercepted keywords, one per line. As long as the form Text area field (comment/message content) enter any one of the intercepted keywords will be intercepted.

If you still receive spam after using this plugin, add the special words in the email (e.g. company name, person's name, special words, etc.) to this to block it.

Eric Jones
Emma Miller
seo ranking
seo ranking software

Don't set the keywords too strictly for fear of mistakenly intercepting normal comments. Be sure to test the comments after setting! If you still receive spam, fill in the special keywords in the message into the "Text area field" to intercept.

Scroll down the page to the setting location below and enter 1. As long as there are more than (including) 1 URL inside the comment, it will be blocked.

Pasted 13

The following 2 items set the disabled comment language, but there are too few languages to choose from. We've given the plugin author a comment and hope she can add more languages.

Pasted 38

Put the IP address of the spam commenter into the box below to block it.

Pasted 36

According to the following settings, enable the red box function, and fill in the Validation error message to indicate the content of the blocked message.

image 5

Finally click "Save Changes" Pasted 14 . This is the end of the settings, go to the front of the message comments to test the blocking effect 😀 .


Enable Maspik after the proposed pre-point view of the intercepted form ↓, see if there is no wrong interception, appropriate adjustment of the interception of keywords.

image 2

Pasted 104

Pasted 105


Cloudflare Turnstile

Cloudflare Turnstileis a powerful, lightweight interception tool from Cloudflare that is a perfect alternative to Google reCAPTCHA and more. Totally free, no frustrating puzzle validation, and even an invisible mode. Fast, GDPR-compliant, and cookie-free.

turnstile gif

Install the free Simple Cloudflare Turnstile WordPress Plugin You can add Cloudflare Turnstile to your website. It supports the content shown below and covers a wide range of content.Fluent Forms comes with Cloudflare Turnstile, so there is no need to install this plugin additionally.

Pasted 102

Pasted 103


The following is the application verification code and plugin setup method ↓:

InCloudflare backendClick to go to the Turnstile board

image 8

Click on "Add Site"

image 9

Enter the content as prompted and tap Create Success to generate the Site Key and Password.

image 10


Here's how to set up the plugin, interested in checking it out as wellPlugin official setup tutorial.

Fill in the 2 secret keys in order.

image 11

Select the scope of the validation application and click "Save Changes". In Elementor Forms, you can choose where the validation code will appear on the form.

image 12

After keeping the plug-in settings page will prompt the top of the verification, click on the verification. After passing the validation prompts the content of the following figure, the setup is complete.

image 16

Pass the verification ↓

image 13

When viewing the page in browser privacy mode, validation appears below the form and the submit button is in an unavailable state, the CAPTCHA function works correctly.

image 14

After clicking on the verification box, it prompts to pass the verification ↓, which is very convenient.

image 15


Article out of date? Have a better opinion? Have a question? Please leave your comments below and we will follow up.

Recommended Articles.
Comments :


The email address will not be disclosed, and the URL needs to be removed from https://前缀 for insertion.

  • WeChat Service
Quick login without registration

Enter your username and password to log in

Have no account? Forgot password?