There is no place for spam comments! As an OCD person I can't tolerate spam comments/emails. In addition, Mo is a speed fanatic, so I have been looking for a spam blocking method that balances the blocking rate and speed. Here are some tips on how to block spam comments on WordPress.
The dangers of spam comments
WordPress spam comments are too much, all marketing advertising and external links implanted. Generally occur in the article comments, the input url will be automatically inserted into the comment avatar, name inside so as to generate external links. External link implantation of the comment content is generally 1-2 praise words: "Thank you for the author to write such a good article to help us", and so on and so forth.
Spam comments are automatically scanned and replied by bots, and most of them can be blocked by plugins such as Google reCAPTCHA, but there are still some programs that can break CAPTCHA and receive spam every week.
Comments that have nothing to do with the content of the site will affect the normal visitor experience, while reducing the weight of the site affect SEO results. If the comments with phishing URLs may also cause property damage, viruses, etc. If you set up new comments and forms to automatically send email alerts, you will receive emails as soon as there are spam comments, which is very annoying.
How to implement WordPress spam comment blocking?
WordPress spam comments often occur in article comments, forms, Woocommerce product reviews. The following shares the corresponding blocking methods according to different contents.
First, the conclusion.Elementor等表单+Woocommerce Product Reviews + Article ReviewsUseCloudflare Turnstile Verification CodeThe plugin will do, and the interception effect can go up to 99.91 TP3T.Fluent form comes with Cloudflare Turnstile CAPTCHA feature, no need to install additional plugins. You can also use Cloudflare Turnstile CAPTCHA plugin to replace the Cloudflare Turnstile feature that comes with Fluent form.
Cloudflare Turnstile CAPTCHA plugin is not compatible or mainland websites can not be linked, it is suggested thatUseMaspik Plugin拦截,通过不断添加调整黑名单关键字截效果可以去到99.5%(使用体验),If the effect is not enough, you can add it.WP Armor.
Install the plugins mentioned in ↑ above first according to your own website.At the same time, you should also follow the tutorial below to make some basic settings to greatly enhance the interception effect, such as article comments to enable "comments must be manually approved", so that spam comments will only be displayed on the front end after manual approval.
Tip: Configure all the interception functions must be strictly tested under each form submission function! If you can not submit the form, errors, please leave a message at the bottom of the article, there will be specialized customer service to answer.
WordPress Post Spam Comment Settings
Article spam comments are the hardest hit, and the vast majority of CAPTCHA plug-ins only take effect on the form, the article comments can do nothing. Here we recommend an efficient and simple blocking method, you just follow the method below, you can block 99.99% article spam comments.
Go to "Settings" > "Discussion" to prevent spam comments from showing up automatically.
The red boxes below are ticked
Woocommerce Spam Review Blocking Settings
A few years ago, a Singaporean foreign trade company found us to change the WordPress website, and one of the requirements was to block the website spam comments. The client said the website would receive dozens of hundreds of spam comments every day, and the mailbox was jammed.
The client said the site was made by a good friend who hired an Indian guy to make it, using a cracked theme / plugin that has not been updated for many years. There is no firewall and no spam comment blocking, and the product comment section is a spam disaster area.
Woocommerce product reviews should also do spam comment blocking, the settings are relatively simple. If it is 2B website is not recommended to open the product evaluation function, set it off according to the following chart. Modify the path: Backstage Woocommerce section > Settings > Products, find the evaluation settings.
If it is a 2C e-commerce website you need to turn on the comment function to help improve the conversion rate. Check the box as belowOnly "verified users" can participate in the evaluationOnly customers who have purchased can evaluate and eliminate spam comments from the root.
Form (form) spam blocking settings
Form (Form) is the following chart to allow customers to submit information / message input box, commonly used to create inquiries, message system, the site must. Form is also a spam message disaster area, according to the above method set up after the basic receipt of spam comments, but the form spam message or there is a leak of fish.
At present, people mainly use various Captcha to block spam messages, the blocking rate is good, but still receive bad messages every week. Moreover, these CAPTCHAs require online verification, which slows down the form submission and page loading speed and affects the user experience, so it is not recommended.
After multi-site experiments, we feel that the installation of blacklist keyword blocking plug-ins to intercept the best results, the fastest. Different forms have different blocking plug-ins and methods, here we mainly introduceFluent Forms ProForm and Elementor Pro form spam blocking methods.
Fluent Forms Pro Spam Blocking Settings
If the page where the form is located does not contain Elementor code, it is recommended to use the Fluent Forms Pro plugin to create inquiry forms, message functions, etc. Fluent Forms Pro isFastest speedform plug-in that makes it easy to create forms with dozens of form templates.
If you are currently using a plugin like WP forms to create forms, we recommend switching to Fluent Forms Pro, which is faster and has a higher spam blocking rate. ClickDownload Fluent Forms Pro plugin and see how to create forms accordingly.
Fluent Forms Pro Benefits.
Speed.Our Diiamo comparisons have includedWP FormsAmong the several well-known form plugins within, Fluent Forms is the fastest, loading only the four resources in the figure below for a total of 47.3KB on the front-end, and adding form code only on pages with Fluent Forms.
If the form is inserted via shortcode, the resource in the red box below can be disabled site-wide, as it only works if the Fluent Forms form is inserted via the Elementor widget.
In comparison WP Forms forms load over 100KB of resources on the front end; Ninja Forms loads over 200KB; Contact Form7 loads form code on all pages.
Form storage.Fluent Forms comes with a form storage function, and there will be a prompt in the background for new messages to avoid missing inquiries. Contact Form7 doesn't have form storage function, you need to install additional DB plugin, and the interface is not very friendly.
Powerful features.Fluent Forms has many types of form templates and features to do collections, conversations, subscriptions, surveys, signature functions and more. It is easy to extend the functionality of your website later. It is easy to set up and recommended to use.
Spam protection.Fluent Forms' honeypot function is more powerful than that of similar plugins. And there is a unique field blacklist blocking function, which can individually set which keywords are prohibited in each input area, greatly improving the success rate of blocking spam messages.
Click to viewWPForms VS Fluent FormsClick to viewGravity Forms vs Fluent Forms.
The unique blacklist keyword blocking feature and powerful honeypot feature can effectively block spam/message. With this form plugin there is no need to install the Maspik spam comment blocking plugin mentioned below, Fluent Forms is highly recommended!
Fluent Forms Pro Message Blacklist Keyword Settings
In the "Settings&Integrations" settings of the corresponding form, find "Form Settings" > "Advanced Form Validation".
The following is the method to set the blacklist keywords of the form, choose the input box type of the form on the left, choose contails in the middle, and enter the blacklist keywords to be blocked on the rightmost side. Please set the keywords according to your own website.
At the beginning of the interception rules should not be set too strict, for fear of injuring normal visitors. Subsequently, according to the content of the spam form and then increase the keyword interception appropriately.
The honeypot feature should also be turned on, with a max blocking effect! The honeypot is a hidden input box that only bots can see. Once a bot enters something into this hidden box, it will be blocked. Click into "Global Settings".
In "Settings", find.
There are 3 types of Captcha settings in the "Global Settings", which can be turned on as needed. In principle, we do not recommend using any Captcha validation, as it will reduce the customer experience and have an impact on the page loading speed.
If the Simple Cloudflare Turnstile plugin is not additionally installed, it is recommended here to enable Fluent Form's Cloudflare'sTurnstileCAPTCHA feature. If the Simple Cloudflare Turnstile plugin is already installed, there is no need to enable the Turnstile CAPTCHA feature here.
Enable method: Click the following figure in numerical order to enter the Turnstile setup page, fill in 2 Keys (first go to Cloudflare to generate), click the blank position, it will be automatically verified and linked to the Turnstile. if the link is successful there will be a prompt, if the link is unsuccessful there will be no prompt, it should be a problem with the Keys to check it out themselves.
Be sure to test the form blocking feature with your browser privacy mode after setting it up. If you use forms like Wp forms, you can search and download other similar keyword blacklist blocking plugins instead of Maspik.
Elementor Pro Form Spam Blocking Settings
If the page where the form is located is built using Elementor (Ele for short), we recommend using Elementor Pro to build the form by clickingDownload free Elementor ProElementor's forms feature is very nice, easy to use and more powerful.Suggest a new honeypot field in the form to initially block some of the spam..
And Elemenotr form submission is fast, recommended to installContact Form DB PluginSave the ele form (inquiry) data submitted by customers in the background, there will be a prompt at the top of the background when a new form is submitted.
How to insert inquiry buttons and forms into the product detail page template?
If a product detail page or something is made using a theme (instead of Elementor), many people don't know how to insert the Inquiry inquiry button and inquiry form. In fact, you can use the Hook method to insert them. For details, please go toThe super practical WordPress Hook usage sharing, page insert inquiry button, form, ACF field, etc..
Excellent plugin recommendations for blocking spam registrations, messages/comments
In addition to the methods mentioned above, plug-ins need to be installed to further enhance the spam blocking function, and it is recommended to install them as needed. Some duplicate functions are recommended to be enabled only in one place.
Cloudflare Turnstile
Bug 1: Elementor form may not work if it is placed inside the Elementor Popup popup, this blocker plugin has been fed back to the author, hope to fix it as soon as possible.
Bug 2: When using this plugin to add validation to Fluent Forms, the validation code appears below the button instead of above, feedback to plugin author. Suggest to use the Turnstile function that comes with Fluent forms instead.
Cloudflare Turnstileis a powerful, lightweight interception tool from Cloudflare that is a perfect alternative to Google reCAPTCHA and more. Totally free, no frustrating puzzle validation, and even an invisible mode. Fast, GDPR-compliant, and cookie-free.
Domestic websites that don't use the Cloudflare CDN will also work! Simply add theTurnstile官网注册账号,花2分钟配置下即可。Some domestic servers may link CF speed is poor, CAPTCHA does not show can not be used, must be their own test, can not be used to change the use ofMaspik Plugin.
Install the free Simple Cloudflare Turnstile WordPress Plugin You can add Cloudflare Turnstile to your website. It supports the content shown below and covers a wide range of content.Fluent Forms comes with Cloudflare Turnstile, so there is no need to install this plugin additionally.
The following is the application verification code and plugin setup method ↓:
InCloudflare backendClick to go to the Turnstile board
点击“添加站点”,按下图提示选择域名和模式点“创建”。注意:如果域名没有使用Cloudflare CDN,无法选择,只能手动输入。输入后等会下方弹出灰色提示框(添加自定义域),点击就行。
复制2个密匙,等下要粘贴到网站插件Simple Cloudflare Turnstile设置界面相应位置。
下面是插件设置,链接Turnstile的方法,感兴趣也可以查看Plugin official setup tutorial.
Fill in the 2 secret keys in order.
Select the scope of the validation application and click "Save Changes". In Elementor Forms, you can choose where the validation code will appear on the form.
After keeping the plug-in settings page will prompt the top of the verification, click on the verification, remember to check the box. After passing the verification, the following picture will be prompted, and the setup is completed.
Through the verification ↓, on behalf of the function is in effect, you can go to the front desk to try.
When viewing the page in browser privacy mode, validation appears at the bottom of the form and the submit button is unavailable (you need to enable the appropriate feature), the CAPTCHA function works correctly.
After clicking on the verification box, it prompts to pass the verification ↓, which is very convenient.
文章评论↓
Backend Login Box↓
注意:如果使用Perfmatters之类插件禁用或者延迟JS加载,可能无导致验证码无法正常工作,需要排除相应资源。配置好务必测试询盘功能,如异常又处理不了,删除插件改用Maspik插件拦截吧。
WP Armor - Honeypot Antispam
WP ArmorCombines the use of JS (which spambots can't use) and unique hidden fields to block spam, and works much better than the honeypot feature that comes with the form. Very lightweight, doesn't make any external calls and is GDPR compliant. If you have a form plugin or something that already has honeypot functionality, you don't need to install this plugin.
The free version applies to the protection of the content of the following figure ↓, supports theFluent FormsThey also have a Premium version. They also have a premium version if you need extra protection. The plugin is regularly updated and the developers are very active in the support forum.
WP Comments
WP Registration
BBPress Forum (bbpress.org)
Contact Form 7 (wordpress.org/plugins/contact-form-7)
Gravity Forms (For Non-Ajax and Single Page/Step Form - gravityforms.com)
WPForms (wpforms.com)
Formidable Forms (formidableforms.com)
Caldera Forms (calderaforms.com)
Toolset Forms (toolset.com)
Elementor Forms (elementor.com)
Fluent Forms (fluentforms.com)
Divi Theme Contact Form (elegantthemes.com)
Theme My Login ( https://wordpress.org/plugins/theme-my-login/ )
WooCommerce Reviews Pro
No tracking, cookie storage or external server calls.
Maspik Forms Blacklist Keyword Blocking Tool
MaspikMaspik is a message content blacklist keyword/email blocking plugin, after setting the blacklist keyword/email, when the message appears in the corresponding keyword/email will be blocked. Local validation, no code added to the front-end, so it is fast.
The free version of Maspik supports the following forms/contents, those with a * after their name mean they need the Pro version to support them.Fluent FormsComes with a blacklisted keyword feature that eliminates the need to use this plugin, or of course, you can use this plugin instead.
- Elementor forms
- Contact Form 7
- NinjaForms
- Formidable forms
- Forminator forms
- Fluentforms
- Bricksbuilder forms
- WPForms*
- GravityForms*
- WordPress comments
- WordPress registration form
- WooCommerce registration form*
- WooCommerce review*
Here's a tutorial we wrote ourselves, or you can go to theMaspik official websiteSee more tutorials. Download and installMaspik PluginAfter that, click on the panel below to enter the plugin Options settings screen.
A reminder will appear at the top where the block will take effect in this plugin
Main Options Setting.
Set up as shown to enable the function.
IP Verification:Enabled, it will link the plugin's official blacklist IP library and directly block the corresponding IP.
Honeypot Trap:Add the honeypot field.
Elementor Bot detector:Block bots from automatically sending spam to Elementor forms, this feature successfully captured about 30% of spam.
Below is a tutorial on adding keywords and an explanation of the corresponding roles.
Note: Keywords will be blocked as long as they appear, even if the word contains the keyword. For example, if you enter the keyword "seo", the word "seoul" will also be intercepted, so please choose your keywords carefully.
Tip: Use this plug-in will also receive some spam, you need to constantly put the spam message in the special words (such as company names, names, marketing words, special vocabulary, etc.) or user name, IP address, etc. added to the appropriate settings box for interception. With the continuous adjustment of the late basically no spam messages.
Text Fields setting:
The "Text Fields" in the following figure corresponds to the Name field of the form, enter the blacklisted keywords you want to block, one line at a time, and tap"SAVE"Button Save. If you enter the appropriate keyword in the Name field of the form after you have entered it, it will be blocked.
Email Fields settings:
The "Email Fields" in the following figure corresponds to the Email field of the form, enter the blacklisted keywords you want to block, one line at a time, tap"SAVE"button to save. After entering, if the form'sEmailfields are blocked by entering the appropriate keywords.
Textarea Fields Setting.
The "Textarea Fields" in the following figure corresponds to the Message/Texarea field of the form, enter the blacklisted keywords you want to block, one line at a time, and then tap"SAVE"Button Save. If you enter the corresponding keyword in the Message/Texarea field of the form after you have entered it, it will be blocked.
"Limit Links" is to limit the insertion of URLs, enter the number 0, on behalf of prohibiting the insertion of URLs, enter 1 on behalf of allowing the insertion of up to one URL, and so on.
Here's a selection of keywords that we feel should be blocked, just as an indication
http
www
Eric Jones
Emma Miller
rank
software
fixed monthly
.ai
.ai
Instagram growth
monthly fee
with graphic design
AI system
AI system
AI system mathewbloch
monthly fee
fixed monthly
Feedback Form
in spam
Data Entry
tinyurl
5 star
Fiverr
Fiverr
Targeted Customers
Fiverr Targeted Customers
Similar here
place your business
.biz
1st page
financing solutions
interest rate
your customers
web development
Don't set the keywords too strictly for fear of mistakenly intercepting normal comments. Be sure to test the comments after setting! If you still receive spam, fill in the special keywords in the message into the "Text area field" to intercept.
Whitelist Phone Fields formts setup.
Only the following phone formats are allowed to be entered, leave it blank to disable this option, for details click on "HERE" in the image below. This is a whitelist mode, if the phone format entered is not the set format, it will be rejected.
More Options setting:
Below 2 functions open, the first one is verified on the site'sstay somewhere temporarilylength, the second one uses JavaScript to automatically verify that the year matches thus determining if it is a robot.
Here is IP Intercept, enter the IP addresses to be intercepted, one line at a time.
Choose which forms are supported for blocking spam, usually the default will do.Finallypoint (in space or time)"SAVE"button to save.
The following figure sets up the prompt when submitting a spam message is blocked, and the maximum number of spam messages recorded in the background. "Default validation error message" is the message after the form submission is blocked, change it as needed. Lastlypoint (in space or time)"SAVE"button to save.
The end of this setup, you can go to the front end to leave a comment to test the effect of WordPress spam comment blocking.You can test it on the right side of the settings page (↓ in the panel below), enter the blocking keyword in the corresponding field, and tap "CHECK".
If intercepted, there will be an alert ↓
No interception. Successful submission.
View WordPress spam comment blocking history:
After enabling the Spam Log feature above, the corresponding board will appear in the background ↓. Click to view the successfully blocked spam messages.Enable Maspik after the proposed pre-point view of the intercepted form ↓, see if there is no wrong interception, appropriate adjustment of the interception of keywords.
The list will show the reason for the block, the IP address of the submitter, and other information.
Click to expand the message details ↓, you can determine whether it is mistakenly intercepted. If you are sure that the message is spam, you can add the appropriate keywords to the plug-in settings, for example, you can add the following mailbox to Email Fields settings.
acceptableAddIn the email below, add "your domain" to Text Fields, normal customers will not use the word "your domain" in their messages. You can also add the ip address to the General settings.