I have always found my blog’s comments a great source of feedback. In many cases readers have contributed valuable additions to the article content or pointed out errors which I subsequently fixed. However, there is a dark side to enabling others to add content to your side: spam. Here is how I am (successfully) dealing with that threat.
The first and most important setting for fighting spam is moderation. At the end of the day only you (i.e. a human) can decide if a comment is spam or ham. Also, in countries like Germany you as the site owner are responsible for its content. You want to make sure to weed out anything legally questionable. The relevant WordPress setting to enable is “Before a comment appears comment must be manually approved”:
Getting rid of the captchas had surprisingly little effect on number of spam comments I actually have to deal with thanks to Akismet, a cloud-based spam detection service operated by Automattic, the people behind WordPress itself. The only thing you have to do is to sign up for an API key and enable “Silently discard the worst and most pervasive spam so I never see it.” With that configuration I only get the occasional spam comment. Because of my moderation settings those spam comments never appear in public and I can delete them whenever I find the time.
Issue: Akismet Has Detected a Problem
I recently got an Akismet notification on my WordPress comment page saying
Akismet has detected a problem. Some comments have not yet been checked for spam by Akismet. They have been temporarily held for moderation and will automatically be rechecked later. Please check your Akismet configuration and contact your web host if problems persist.
As it turned out the reason for that were some really long comments in either Mandarin or Cantonese (I could not tell) which Akismet apparently could not deal with, maybe because of its length. Simply marking that comment as spam was not enough to resolve the issue, but once I manually deleted the spam comments the problem was gone.