When the Good Guys Can Find Your Site …
You have comments on your new website!!! Oh, but those comments are spam. But, what about this one? It seems very complimentary, but …
Spammers will find you in the same way that the viewers you want will find you … they will do a search of the web. First, they are looking for WordPress installs in general. Then they are looking for websites where the site owner/developer has not taken steps to secure the WordPress comment function. This is not something you can stop. It’s just a matter of making your site unattractive to the comment spammers.
One sure sign that a comment is spam is that it contains a link. These comments don’t come from readers, they come from spam comment software. When I set up my new WordPress site, I had 13 new comments in a couple of weeks. These were tests from the spammers to see if my site would show their comments. I have comments on moderate, so they didn’t show, and this round of attempts have stopped.
do you want comments on your site?
WordPress started as blogging software. Blogs were one of the first type of social media in that it turned your website into a two way conversation. So, the WordPress core functionality includes comments. As WordPress evolved into more of a content management system (CMS) than a pure blogging system, site owners wanted to choose not to have comments. The WordPress authors responded with a page of settings for Comments in Settings -> Discussion.
While you can turn off the Comment form on your posts and pages, spammers can still get into the core functionality. If you leave comments on, you can set the Comments to be moderated. That is, they won’t show on the page, unless you check them.
Fighting Comment Spam
If your site is a WordPress site, a plugin called Akismet comes with your initial install. The job of Akismet is to help keep comment spam cleared out so you don’t have to spend time doing that task. I have seen sites where the comment spam was allowed to continue so long there were thousands of spam comments. That is not healthy for your website.
Akismet is a plugin that attaches your website to their web service. That means that it instead of running inside your website, it’s running on their servers. When a comment is filled out on your site, the Akismet plugin sends it through the Akismet servers to be compared to their database of known spam patterns. You can also mark a comment as spam. Then their system will note the patterns in that email and add them to their database.
Akismet is not a free plugin. They have quite an expense maintaining and updating their database. If your site only receives a few comments each month, you may want to wait until it becomes a chore to keep the comment spam cleaned out.