On this little slice of the web, this blog might get thousands of comments each week, 99.9% of which are spam comments… a bit ridiculous if you ask me. The Akismet anti-spam plugin does a great job blocking all these spam comments, and I’m grateful for that. But because of the shear volume of spam, it becomes nearly impossible to check for any real comments might’ve gotten incorrectly labeled as spam. I’m usually happy if I get 2 or 3 real comments in a week, so to me (and I think most bloggers out there), every comment is important. And really, what is a blog if no one comments?

One thing I noticed while looking at the current generation of comment spams is that they tend to be immediately identifiable with some sort of pattern (see first screenshot). So I wrote the Simple Spam Filter to do a couple simple tests and immediately block and reject obvious spam comments.

If a comment gets rejected, then an error screen will be shown with an explanation of why the comment was rejected. An optional captcha (provided by reCAPTCHA) can also be configured to display, which allows people to confirm that their comment is indeed legitimate. The plugin also works in conjunction with Akismet and will display a captcha if Akismet flags a comment as spam (see second screenshot). In all cases, the captcha is displayed only if a comment doesn’t pass the obvious spam rules or if Akismet thinks a comment is spam. Comments that don’t pass the captcha are immediately rejected and discarded.

Screenshots

From my own testing, the following 5 patterns will catch at least 90%+ of all comment spam. This will probably evolve over time (check back for updates!), but for now it works pretty well. A comment will be rejected if it matches any of the following patterns:

• Contains 5 or more links to external sites
• Contains nothing but links
• Contains [url=http://www.example.com]example[/url] style links (my blog does not support bbcode style links)
• Contains a word that matches a short list of common spam words (for example, viagra or cialis). See the plugin’s source for the full list.
• The comment is very similar (over 75% similar) to a previously posted comment. This prevents spammers from copy and pasting a previously posted “real” comment and simply changing some links

As I mentioned above, this plugin isn’t meant to replace any of the existing spam plugins out there, but rather to work in conjunction with them. It does a simple “prefilter” to weed out the most obvious comment spams and then gives people who’s comments get flagged as spam an opportunity to confirm with a captcha that their comments are indeed legitimate.

I realize that this plugin is not fool proof by any means, since spam will continue to evolve over time; but now at least you don’t have to deal with comments that are obviously spam and hopefully spend a little less time looking for real comments incorrectly labeled as spam.

Author: Joe Tan (joetan54@gmail.com)
License: GPL
Features:

• A simple pre-filter to weed out the most obvious comment spam (about 90% of all spam).
• Legitimate comments that get blocked (either by this plugin or by Akismet) can be presented with a captcha to confirm that the comment is legitimate. Comments that don’t pass the captcha will be immediately discarded.
• Helps you identify potential spam words (you can use this to tweak the plugin’s filters).

Upgrade:
If you are upgrading from a previous version (0.5 and older), please install the upgrade version. The plugin’s file structure was reorganized to support WordPress’ new auto update feature.

Installation:

1. Download and unzip the plugin.
2. Upload the entire “tantan-spam-filter” directory to the WordPress wp-content/plugins directory.
3. Login to your WordPress admin, click “Plugins”, and then activate the “TanTanNoodles Simple Spam Filter” plugin.
4. Configure your spam and reCAPTCHA settings by going into “Comments” -> “Spam Filter”
5. You’re done!

Download the plugin

Want more WordPress goodness? Check out some of my other plugins and scripts >