Sometimes a simple solution is a better solution.
Over the past couple of years, I have identified over 5,600 phrases, patterns, and keywords commonly used by spammers and comment bots in usernames, email addresses, link text, and URIs. This blacklist is still a work in progress and there is certainly room for optimization. Suggestions are always appreciated.
Copy the list of keywords, paste it into the Comment Blacklist field of your WordPress Discussion Settings panel, and click the “Save Changes” button.
That’s it.
I don’t blame you if you’re skeptical about how well this blacklist works compared to a commercial solution like Akismet. Because I am subjectively including keywords based on comment spam submitted to my own sites, there is a chance that the blacklist will “overclean” your comment queue. Consider that fair warning.
However, Jason Cosper reports that he used the blacklist on a client’s WordPress installation containing 800,000 or so comments. The blacklist flagged 40% of those comments as “spammy”. As a sanity check, he then exported those flagged comments to a local WordPress install and subsequently had Akismet do its thing. According to Jason, there were “zero false positives.”
Still need convincing? The blacklist was featured over at WP Daily in [John Saddington](http://john.do /)’s enticingly titled post, Die Spam! Blacklist That Shiz with This Gist!
WordPress stores the contents of the Comment Blacklist setting in a MySQL column. The blacklist_keys
column is defined as a longtext
data type, which can contain up to 4,294,967,295 bytes (approximately 4GB) of text. There is no chance of us running out of room to expand the blacklist any time soon.
Special thanks to Claudio Schwarz and Volker J. Schmidt for suggesting some useful additions.
Contact me on Twitter.