Stopping comment spam, 2014 edition

I’ve been blogging for nearly 15 years, so I’ve seen my share of frustrations over the years. The toughest source of frustration for me to shake has been spam. I have actually had spambot traffic knock my site offline in the past–here’s what I did about that–so suffice it to say that if a computer can’t keep up with it, there’s no way a human can keep up with filtering the amount of spam even a moderately popular blog receives. I’ve used two plugins to augment WordPress’ built in antispam capabilities.

The first one I use is WP-Spamshield, which uses cookies and Javascript to confuse spambots. Most bots can’t handle a complex combination of cookies and Javascript. There are a small number of people who disable both, and tend to be very vocal about doing so, but dealing with spambots is a bigger problem for me than not getting their comments is.

The problem is that if spambots are submitting comments, the computer is processing them, which requires CPU time, RAM, and disk I/O. Those are finite resources, so I’m only interested in serving human readers and web crawlers. Keeping spambots out of my site’s database backend makes the site faster for everyone else.

The problem is that no anti-spam solution is perfect, so I augment it with a second one. Akismet does an outstanding job of detecting spam and throwing it into the potential spam queue, and the number of false positives is extremely low. I don’t like to rely on Akismet alone because of the performance cost, but using it to catch whatever gets through WP-Spamshield works very well.

I barely have time to write content, let alone deal with spam, so letting the machine handle the spam allows me to continue to blog, which I think is a very good thing. I hope you do too.

If you found this post informative or helpful, please share it!