What to Do When Spam Gets Past Akismet
If you’re on WordPress.org, you undoubtedly have the Akismet plugin. With over 14 million downloads, Akismet is by far the most popular plugin for catching spam. If you aren’t familiar with this plugin, Akismet captures spam and places it into your Spam folder. In fact, it’s caught 57,925 spam comments on this blog so far!
The plugin learns what to categorize as spam by what you and other WordPress users mark as spam. If you just delete it, Akismet can’t learn what’s spam as quickly. While Akismet can be great, it’s not perfect. Spam sneaks by, sometimes in large numbers. That means, along with your legitimate blog comments, your readers also see lovely gems like “I got what you intend, regards for posting” or “Thank you for the auspicious writeup.”
When Akismet lets you down, it’s time to break out some new tools to keep spam in its place. I want to share with you two plugins that come in handy so you don’t EVER have to succumb your readers to the dreaded CAPTCHA word verification.
Growmap
The Growmap Anti Spambot Plugin (sometimes called GASP for short) is a great plugin to catch spam from automated spam bots. Under the commenting fields on a blog post, this plugin adds a checkbox with a message to check that box to confirm the reader isn’t a spammer. Since spam bots can’t manually check a box, they can’t leave a comment. Of course, this plugin does nothing for human spammers, but it works beautifully for bots! (If you do happen to find spam bots getting past this plugin, you can slightly alter the Checkbox Name field so bots can’t automatically check the box.)
Below you can see my checkbox with my customized message:
I turn Growmap off and on anytime I notice an increase in spam that’s getting past Akismet. Why do I not just keep it on? Mainly because I like to make it as simple as possible for a blog visitor to comment. Checking a box is WAY less intrusive than doing something like word verification, but it is something people might miss the first time they’re on my site.
One thing I love about this plugin is that you can customize the message that displays beside the checkbox as well as the alert messages when someone doesn’t check the box. Below you can see how I added a little flair to customize all the messages.
WP Ban
Another spam-fighting plugin I keep around is WP Ban, which comes in handy if your spam perpetrators are coming from the same IP address or a range of IP addresses. With this plugin, you can ban those addresses so the spammers get a customizable message when they try to access your site. This plugin is best to use when you see multiple spam message coming from the same IP addresses, not for entering every single IP address for every single spam message.
If you ‘re wondering how to find the IP addresses to ban, go to your Comments section of WP Admin. On the page that displays your comments, the Author column not only shows the commenters name and URL, it also shows their IP address. Notice that the second and third comment below share the same IP address. That’s one I would ban.
How do you ban the IP address? Once you install the plugin, visit the settings by going to Settings > Ban from your dashboard. Enter any lame, spammy IP address in that first field, then save your settings. Use caution when using the wildcard functionality that bans IP addresses that start with the same numbers. I’ve accidentally banned legitimate people that way so I just avoid wildcards just to be safe!
To ban a range, enter the IP address range in the second field.
If you want more details on how to use this plugin, Gigi from Kludgy Mom has a great WP Ban tutorial.
Do you get a lot of spam on your blog?
