Tips For Protecting WordPress Websites Against Spam

Tips For Protecting WordPress Websites Against Spam

Despite the number of measures we implement to detect and counter spam, emails still find a way through, clogging up mailboxes and giving domains a bad reputation.

It is possible to reduce spam sent from a WordPress site by implementing a few easy measures. Read on to find out some Tips For Protecting WordPress Websites Against Spam

Create the email account wordpress@ on your domain

By default, WordPress uses as the “from” address when sending notifications. If you use here is how to set up the account in your mail administration you will get a notification when WordPress has tried to send a message but was unable to deliver it. To make it easier for you to manage you can forward the emails to the primary email account on your domain, and create a filter to move messages to a specific folder.

If you suddenly get a large number of undelivered messages, this is an indication that your site is being used to send spam. If this occurs, look at what is generating the emails, for example, your contact form, and disable or protect that function.

Limit who can leave comments

On popular websites with a lot of visitors, most comments by far are spam. That’s why we recommend that you limit who can leave comments on your site.

In WordPress Admin under Settings > Discussion, you can change who can leave comments and when comments are being published. We recommend disabling comments from anonymous users.

Alternatively, you can disable comments completely and replace it with a discussion plugin like Disqus. Disqus has built-in anti-spam measures, so you don’t need to worry about it.

Activate the Akismet plugin

If you decide to allow comments from anonymous users, a good anti-spam plugin is indispensable. The Akismet plugin is installed by default on all WordPress installations and free for personal use. You only need to activate it, by getting an API key from Akismet.

Once activated, Akismet checks all comments for spam and allows only legitimate comments to appear in your moderation list.

Make sure user registration is turned off

We recommend keeping user registration turned off because it is almost always used for sending spam. Allowing user registration only makes sense if you have a website that is restricted to members only, or if users need to be logged in to be able to comment. If you are looking for a way to allow users to subscribe to updates on your blog, you can use a plugin for this.

Under Settings > General you can find the settings for Membership. Make sure the box for “Anyone can register” is unchecked.

Use CAPTCHA in forms

If you have a contact form on your site or allow user registration, it’s essential that you verify that the user filling in the form is human and not a spambot. The easiest way to do this is a to add a reCAPTCHA plugin to your WordPress site. CAPTCHA helps you to distinguish between humans and robots, by asking humans to perform an action that robots generally don’t understand.

Over the years, bots have become smarter, but luckily so has the CAPTCHA method. Nowadays, you only need to check a box to confirm you are human, instead of typing in a code or number. Only if your behavior is suspicious, you need to pass another test, for example selecting all images with cars of shop fronts in it for example.

Most form plugins already have a built-in reCAPTCHA function. The only thing you need to do to enable it is to get two API keys from Google. If you need assistance with any website needs then feel free to send us an email and our support professionals can implement these for you.

Author Bio 

This article was written by Sam Hartford an IT professional and Web Designer.

Cheap WordPress Website Hosting


*You get £5 off with our exclusive Offer
Andrew Marriott
Owner & Founder at AJR Solutions
I am a technical & creative guy who loves technology. From a very young age, I have had a passion for technology, website / graphic design and photography. I work hard & play harder, I’m driven and full of enthusiasm with a passion to help others. Technology, digital design, web development & creative photography are areas I am really passionate about.

In the past i have worked for a leading IT Solutions & Managed service provider in Rotherham dealing with a range of IT platforms, such as - on site field engineering and remote support, dealing with all types of servers such as Virtual & Physical, Hyper–V, VMware, Windows server 2012 R2, SBS - Small Business Server 2008 2011, SQL, Terminal, Exchange, Active Directory, Group Policy, TCP, IP, DNS, DHCP, VPN, RDP, hybrid & cloud, Office 365 and managed security solutions such as Antivirus and Spam filtering.

Prior to this, I worked for Wickersley School & Sports College as the Lead IT & Network Technician and also supporting local primary schools with IT Support and engineering visits & Project Management, while also running my own company AJR Solutions, providing IT & Creative Solutions.

I’m very creative and have a huge passion for design and love how design can have a massive impact on a business image, presence and value also visit - | |

Also part of the AJR Solutions Group of businesses.