When it comes to a WordPress website chances are that you have come across a major issue and that is spam/ sploggers/ or any form of bot that is attacking your website. The issue can be annoying and it prevents you from getting a good community on your website so what can you do? The answer to that is not much unless you have a couple of important plugins to protect yourself from these threats. Spam is such an issue and with proper techniques you can cut it down so quickly that you will wish that you did it sooner.
SABRE Simple Anti Bot Registration Engine
Sabre while a little outdated is an exception tool for blocking spammers and bots because it comes with features that you will want and quite frankly need. It allows you to add a simple CAPTCHA form to the registration form and comment section if you allow guests to post. This is a great way to cut down spam but the best way to prevent comment spam is to restrict commenting only to logged in members of your website. Sabre also has the ability to watch certain IPs and check a black list and if it found to be on their it will be immediately blocked from registering on your website.
List of Features
- Inclusion of a CAPTCHA in the registration form
- Selection of the CAPTCHA’s complexity
- Selection of the background color for the CAPTCHA image
- Inclusion of a math test in the registration form
- Selection of the math test’s complexity
- Inclusion of a text test in the registration form
- Random or fixed choice of the test to run
- Unobtrusive tests to detect if registration is done by humans or not
- Registration blocked if visitor’s IP address is found on ban lists
- The site administrator can confirm the user registration (monosite only)
- The user can confirm his registration by clicking on a link sent by mail (monosite only)
- Limited number of days for user confirmation. Without beeing confirmed within the period of time, the user account is disabled (monosite only)
- Log on prohibited before user confirmation (monosite only)
- User is allowed to choose his password when registering on the site (monosite only)
- User must agree with a warning text, disclaimer or general policy note when registering
- User must give an invitation code during registration
- Main statistics displayed on the site’s dashboard
- Custom logo on logon/registration screen (monosite only)
This plugin comes with so many ways to prevent spam because when the IP reaches your server it checks it against 3 of the largest spam databases around and if it comes back as black listed then it will block them BEFORE the page even loads. This means that the spam comment or spammer didn’t even get the chance to login to your website to make the comment. This is the fore front of your defense against spam because it blocks them before they get the chance this is your first line of defense against them so make sure to setup your api keys properly to get all three of the black list services working and you will be fine.
List Of Features And Spam Protection
- PHP 5 is required.
- The visitor’s IP can be checked at the following third parties:
- Stop Forum Spam.
- Project Honey Pot. An API key is needed to check the IP at this party. The key is free.
- Spamhaus. IP’s are checked with the lists SBL and XBL.
- Spammers can be blocked based on the information supplied by the third party or by using a local blacklist.
- Comments made without a HTTP referrer can be blocked.
- Separate thresholds can be set for the following features:
- Send an email to the board administrator with information supplied by the third party about the spammer.
- Block the spammer before content is served.
- Bypass the checks for the IP at the third parties and the local blacklist, based on IP in the local whitelist.
- Ability to add single IP’s and/or IP ranges to the blacklist and whitelist.
- When an IP is blocked a message can be displayed to the visitor with the reason why access was blocked.
- Report a spammer to Stop Forum Spam. A valid API key from Stop Forum Spam is necessary.
- Add a spammer to the local blacklist by clicking a link in the received email.
- IP Caching system.
- Use a honey pot from Project Honey Pot.
- Option to block spammers that access wp-comments-post.php directly by using a comment security check. An email can be send when the check fails.
The main thing is that the more spammers that you keep out the less of your system resources are being used up so that way you can keep the website loading smoothly. Also spammers can give the website a bad reputation and by blocking them you wont have to worry about that.
The third and final plugin that you should consider offers a lot more than just spam blocking it does a lot of rewriting to your ht access file to prevent spammers from analyzing your site with bots. It is able to block many of the signs and things that bots look for when they want to attack a site such as the WordPress version and the meta info of the website. These are things that you can’t leave or else they will cause major alerts of crawlers and will set off a swarm of bots to your website. Not only does it hide this it also blocks known bots that are associated with bad websites or spam websites. They will block them before they can crawl your page that way you can get the best line of defense against them.
- Scans your site to instantly report where vulnerabilities exist and fixes them in seconds
- Bans troublesome user agents, bots and other hosts
- Prevents brute force attacks by banning hosts and users with too many invalid login attempts
- Strengthens server security
- Enforces strong passwords for all accounts of a configurable minimum role
- Forces SSL for admin pages (on supporting servers)
- Forces SSL for any page or post (on supporting servers)
- Turns off file editing from within WordPress admin area
- Detects and blocks many attacks to your file system and database
(there are other features but go to the plugin page to read all of them)
Key Things To Remember
When it comes to spam comments it is best to have your settings so that your comments are not accessible until the user is logged in on your website. This means that they will have to bypass all of your security measures to post a comment. This will keep out all forms of comment spam so long as your first line of defense does its job.
If you have any questions register for the website and post a comment below and I would love to help!