Stop WordPress SPAM messages
SPAM messages within WordPress is an item that is often encountered unfortunately. Whether it's on a corporate website or a personal blog. SPAM often hides as enthusiastic comments posted on one of your articles. Here's what steps you can take to counteract it.
What kind of SPAM do you encounter?
SPAM comes in many shapes and sizes, this can be a comment on your website or an email you receive. To counteract SPAM on the mail there are a number of steps you can take outside of WordPress. We recommend for contact between customers and on the website to do from a different email address. You can keep this email address the same as your domain. This not only exudes more professionalism than a gmail or hotmail address. But also keeps the messages of the company better separated and in order. Mixing personal mail and business mail is not a good idea.
The business mail addresses that can be created through the control panel end in your domain name. As we have for example MijnHostingPartner.nl you can also use your own domain name. An info@ address is the most regular address that can be created and is widely recognized. This can also be made more personal by using your first name as a prefix.
Steps that can be used to prevent email SPAM are, among others:
- DKIM certificate
- SPF record check
- Tightening up SPAM filtering and adding standard actions
Below we will go further through how to counteract SPAM messages within the WordPress website.
How do you recognize SPAM messages in WordPress?
SPAM messages in the comments or posts can be recognized by a number of main points. Let's cover those below.
Backlink or Hyperlink in the post
A backlink or hyperlink to another website is a SPAM message in 99% of the cases. A normal user is unlikely to do this, or it is a helpful link to additional information. A backlink to another website is the main reason why SPAM messages are posted at all. This is because this applies to spreading rogue websites, or ranking higher in the search engine rankings. Everything will pass muster. A Hyperlink in the message can be recognized by the blue text that the link displays. We advise you not to just click on those links, because this can also have nasty consequences for your local PC.
Spelling and grammatical errors
Spelling and language mistakes are usually a strong sign that it is a SPAM message. Sentences that do not make sense in English, Dutch or any other language than the website itself are also often a sign. Messages that are full of spelling mistakes and incorrect sentences doesn't seem like something you'd want on your website under your fancy messages.
Strange email addresses
Often strange email addresses are used or email addresses that do not make sense. However, this is often not the case, as many email addresses are hacked for this purpose. WordPress also has no control over the email address itself, so it can also use meaningless email addresses. So check this before you put a message live on your hosting.
Praising a message to the skies or being overly enthusiastic
Another common practice is praising a post in the sky, these are standard texts that are written and placed on thousands of websites to ensure that a few always slip through. Do not be tempted by a very positive response to a post. And check it again before you put it live on the page.
Preventing SPAM
WordPress SPAM within your hosting can be countered in a number of different ways. The most effective we've found is to simply remove the URL field from the posts section. This is usually the field where the bots cut off. As soon as this field is not there, a SPAM script often doesn't work anymore. Since it is missing a field that they need to continue. This can be done with a piece of code that you can put at the bottom of the functions.php file. This piece of code needs to be updated every time a theme is updated. This is however a small effort and can also be handled with a child theme that can be created.
The way below is a direct change at the bottom of the functions.php file. Before you do this it is advisable to make a backup of the WordPress Hosting. This is easily done through the control panel by setting up two scheduled tasks. One for the files, and one for the database.
The piece of code that should be placed at the bottom:
Furthermore, it is advisable not to have comments automatically go live on a WordPress website. But first they need to be approved manually. You can do this in the Discussion Settings in the following way. An email will notify you when a new post is made. This can also be turned off when you receive a lot of messages.
You can also create your own blacklist within the standard WordPress functionality. IP addresses, email addresses and websites or keywords are then automatically placed in the trash. Once in a while it can be emptied and sorted out.
Further prevent WordPress SPAM
Well-known plugins such as Akismet can also be used to prevent SPAM messages. This is easy to install with a few clicks of a button and then filters out much of the SPAM by checking each comment against a large blacklist that is used. This does mean that a third party also has access to the data that is entered. And this will also have to be included in the privacy statement. With the manual method described above, much of the data can be captured. And no further declarations are needed. To your own preference, this can be further arranged.
If you have any questions about how to prevent this, please contact us via the chat or ticket system. With a Managed WordPress hosting package we take care of all these issues for you. And you can focus on the most important things. Creating content for your website and growing!