Simple Spam Filter for WordPress

On this little slice of the web, this blog might get thousands of comments each week, 99.9% of which are spam comments… a bit ridiculous if you ask me. The Akismet anti-spam plugin does a great job blocking all these spam comments, and I’m grateful for that. But because of the sheer volume of spam, it becomes nearly impossible to check for any real comments that might’ve gotten incorrectly labeled as spam. I’m usually happy if I get 2 or 3 real comments in a week, so to me (and I think most bloggers out there), every comment is important.

One thing I noticed while looking at the current generation of comment spam is that it tends to be immediately identifiable with some sort of pattern. So I wrote the Simple Spam Filter to do a couple of simple tests and immediately block and reject obvious spam comments.

If a comment gets rejected, an error screen is shown with an explanation of why it was rejected. An optional captcha (provided by reCAPTCHA) can also be configured to display, which allows people to confirm that their comment is indeed legitimate. The plugin also works in conjunction with Akismet and will display a captcha if Akismet flags a comment as spam. In all cases, the captcha is displayed only if a comment doesn’t pass the obvious spam rules or if Akismet thinks it is spam. Comments that don’t pass the captcha are immediately rejected and discarded.

From my own testing, the following patterns will catch at least 90% of all comment spam. A comment will be rejected if it matches any of the following:

  • Contains 5 or more links to external sites
  • Contains nothing but links
  • Contains [url=http://www.example.com]example[/url] style links (bbcode style links)
  • Contains a word that matches a short list of common spam words (e.g. viagra or cialis)
  • The comment is very similar (over 75%) to a previously posted comment — prevents spammers from copy-pasting a previously posted “real” comment and simply changing some links
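
The five rules above written out as a standalone PHP function, as an added example that is not the plugin's own code. The function name, its parameters and the sample comments are assumptions made for illustration, and `similar_text()` is one way to measure the 75% similarity, not necessarily what the plugin uses.

```php
<?php
// Added example, not the plugin's code; $siteHost, $spamWords, $previous are hypothetical inputs.
function spam_reasons(string $comment, string $siteHost, array $spamWords, array $previous): array
{
    $reasons = [];
    // bbcode-style links: [url=http://www.example.com]example[/url]
    if (preg_match('/\[url=[^\]]*\]/i', $comment)) {
        $reasons[] = 'bbcode-style link';
    }
    // Five or more links whose host is not this site.
    preg_match_all('~https?://[^\s"\'<>\[\]]+~i', $comment, $m);
    $external = array_filter($m[0], function ($url) use ($siteHost) {
        $host = strtolower((string) parse_url($url, PHP_URL_HOST));
        return $host !== '' && $host !== strtolower($siteHost);
    });
    if (count($external) >= 5) {
        $reasons[] = count($external) . ' external links';
    }
    // Nothing but links: drop anchors, bbcode links and bare URLs, then look for a letter or digit.
    $rest = preg_replace(['~<a\b[^>]*>.*?</a>~is', '~\[url[^\]]*\].*?\[/url\]~is', '~https?://\S+~i'], ' ', $comment);
    if ($rest !== $comment && preg_match('/[\p{L}\p{N}]/u', strip_tags($rest)) === 0) {
        $reasons[] = 'nothing but links';
    }
    // Whole-word, case-insensitive match against the spam word list.
    $quoted = array_map(fn($w) => preg_quote($w, '/'), $spamWords);
    if ($quoted && preg_match('/\b(?:' . implode('|', $quoted) . ')\b/i', $comment, $hit)) {
        $reasons[] = 'spam word: ' . $hit[0];
    }
    // Over 75% similar to an earlier comment (similar_text() sets $pct by reference).
    foreach ($previous as $old) {
        similar_text(strtolower($comment), strtolower($old), $pct);
        if ($pct > 75) {
            $reasons[] = sprintf('%.0f%% similar to an earlier comment', $pct);
            break;
        }
    }
    return $reasons;
}
// Constructed sample data: one stored comment and three incoming ones.
$previous = ['Thanks for this plugin, it cut my moderation queue down to almost nothing.'];
$samples = [
    'Great write-up, the similarity check is a nice touch.',
    '[url=http://www.example.com]example[/url]',
    $previous[0] . ' See http://spam.example.net/',
];
foreach ($samples as $c) {
    $r = spam_reasons($c, 'blog.example.org', ['viagra', 'cialis'], $previous);
    echo ($r ? 'reject: ' . implode('; ', $r) : 'accept') . "\n";
}
```

`similar_text()` is cubic in the worst case, so a filter on a busy site would cap the comment length or compare against only the most recent comments.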

This plugin isn’t meant to replace existing spam plugins, but rather to work in conjunction with them. It does a simple “pre-filter” to weed out the most obvious comment spam, then gives people whose comments get flagged an opportunity to confirm with a captcha that their comment is legitimate.

Author: Joe Tan
License: GPL

Additional Features:

  • Legitimate comments that get blocked (either by this plugin or by Akismet) can be presented with a captcha to confirm legitimacy — comments that don’t pass will be immediately discarded
  • Helps you identify potential spam words (use this to tweak the plugin’s filters)

Upgrade Note:
If you are upgrading from version 0.5 or older, please install the upgrade version. The plugin’s file structure was reorganized to support WordPress’ auto update feature.

Installation:

  1. Download and unzip the plugin
  2. Upload the entire “tantan-spam-filter” directory to the WordPress wp-content/plugins directory
  3. Log in to your WordPress admin, click “Plugins”, and then activate the “TanTanNoodles Simple Spam Filter” plugin
  4. Configure your spam and reCAPTCHA settings by going into “Comments” → “Spam Filter”
  5. You’re done!


Support:
If you are having problems setting up or customizing this plugin, please visit the WordPress.org support forum for help. Someone may have already posted a solution to your problem!

More Documentation: Modification History, Known Issues and Bugs

Bug Reports:
Post bugs or feature requests to the Google Project page.

Developers:
Browse source code at the Subversion repository.
