WordPress Plugins for Writers: Part 2 – Anti-Spam
The #1 hassle of running a website is the inevitable flood of spam that, if left unattended, will fill your posts’ comments sections. Most of these are obvious attempts to get either click-throughs (people clicking on the links to see what’s up) or link-backs (links from your site to theirs which affect their site’s rating on some search engines). Some of it is downright obscure — random strings of numbers with no links to be found, that sort of thing. All of it is clutter, useless rubbish that clogs up your comments, making it less easy (and less fun) for your readers to read or leave comments, and making your site look bad.
Fortunately, there are several WordPress plugins that help minimize, and often eliminate entirely, spam from your comments section. The first, Akismet, is even built in. You need to activate it, though — and for that you need a “WordPress API key”. Fortunately, that’s easy enough to get — just sign up for an account at WordPress.com and they’ll send you one by email, automatically. It’s a long string of characters that, after you’ve activated Akismet, you’ll be asked to enter. Just cut-and-paste it from the email.
Akismet works by aggregating the collective judgment of its users. Every comment on an Akismet-enabled site is fed through their servers and compared with their profiles of known spam. If a new comment on your site looks like a piece of spam in Akismet’s database, it’s flagged as “spam” (you can look occasionally and make sure it’s all properly flagged, and un-flag comments you think should not be considered spam). If it looks kosher to Akismet, it’s sent back to your site. If something “spammy” gets through Akismet, you can manually flag it as spam, and Akismet will add it to their database. When you mark something as spam, it helps the rest of the network; when anyone else on the network marks something as spam, it helps you.
What Akismet is to comment spam, the Trackback Validator plugin is to trackback spam. Normally, trackbacks are notifications sent to your site when a trackback-enabled site links to your site. It’s a nice way to let someone know you’re linking to them, and it posts a link under the post they linked to so that other readers can click through and see the conversation unfold. Unfortunately, a lot of scummier sorts have hijacked the process, sending fake trackbacks to sites just to get the link. Trackback Validator checks the address the trackback links to, to make sure there really is a page there and it really does link to you, before letting the trackback show up on your site.
The third line of defense against spam is Bad Behavior, which aims to stop spam at the source by identifying “bad guys” before they can reach your site. Bad Behavior looks at the way that a visitor or alleged visitor is attempting to access your site. Since most comment spam, trackback spam, and other malicious attacks against your site are carried out by automated programs accessing the site directly (as opposed to a person accessing it via a browser), they can often be identified and, in Bad Behavior’s case, prevented from being able to access the site at all.
All three of these plugins can be used together, giving you a pretty good defense strategy against the kind of scum that has decided that your site is a great platform for whatever malicious purposes they have in mind. Once installed, the only thing you have to do is remember to check your spam queue once in a while (the WordPress dashboard will let you know how many comments are in the spam queue and need to be approved or marked as spam) to make sure you catch anything Akismet missed — which should be less and less, since Akismet is learning faster and faster the more people use it.