How to Block Spam Comment Bots in WordPress with Honeypot


Spam comments are a big pain in the ***. To prevent spam comments, bloggers end up taking strict measures such as requiring people to register or have everyone enter a captcha before submitting a comment. Spam prevention controls such as captchas, math quiz, and registration makes it difficult for regular visitors to comment. By implementing one of those methods, you are punishing the wrong crowd. A lot of spam comments are generated by bots, which are programs designed to comment on blogs and websites. There is a common saying that you can catch more flies with honey than with vinegar. It fits perfectly here as we are about to show you how you can block spam comment bots in WordPress with honeypot.

What is Honeypot?

Before we talk about honeypot, lets talk about how these spam bots work. WordPress is used by millions of websites. This means that millions of websites have similar HTML output for comment forms. This makes it easier for bots to find blogs and post spam comments.

Honeypot is a spam prevention technology. It tricks and traps spam bots into revealing themselves by giving them a challenge that human users can not see.

Unlike other spam prevention methods which uses techniques to find out of if a commenter is human, Honeypot checks to see if the commenter is a bot. Instead of giving a challenge to human visitors, it creates a fake challenge for the bots. When bots fill the challenge, they end up revealing themselves and are caught before they could post spam.

Blocking Spam bots in WordPress with Honeypot

First thing you need to do is install and activate WP Spam Fighter WordPress plugin. After activating the plugin, go to Settings » WP Spam Fighter to configure the plugin.

Simply check the box next to the honeypot option and save your settings.

The plugin also offers timestamp method, which assumes that a human user will spend some time reading a post before leaving a comment. If a user tries to quickly post a comment, the plugin will show them a javascript popup.

The default options should work for most websites. However we advise you to review the configuration options before pressing the Save changes button.

How it Works

When honeypot is enabled, WP Spam Fighter will add a hidden form field into your comments area. This field will not be visible to human users, but bots will think of it as part of the form and fill it out, effectively indentifying themselves as spambots.

Remember that these methods do not protect you against against manually submitted spam which is entered by human visitors. You will still have to use a plugin like Akismet to catch those.

For more comment spam preventing, checkout our tips and tools to prevent comment spam.

Seraphinite AcceleratorOptimized by Seraphinite Accelerator
Turns on site high speed to be attractive for people and search engines.