How To Stop Contact Form Spam And Comment Spammers

Stop Contact Form And Comment Spam

You work hard on web design, building your blog, and increasing social media and organic traffic from search engines. But you will also need to learn how to stop contact form spam and comment spammers.

It’s a strange symptom of your success to get a lot more comment spam and unwanted contact form messages. As your site ranking improves, you will start to get noticed by genuine content marketers but also by annoying spammers.

SEO tracking software is now very sophisticated. When it notices your site improvement, it will add it automatically to a list of potential backlink prospects.

Reputable marketers use this data to pinpoint who they can contact to improve content, backlinks, and sales potential. But any determined spammer can use these automated tools to hit contact forms and comments on hundreds or thousands of sites.

Why do spammers do it?

It’s all about spammers trying to get backlinks by using your blog to post spam comments.

A site can give two types of links—a dofollow or rel nofollow.

A dofollow link is the most useful and passes on link juice to a site. A nofollow link does not pass on juice but is still useful in helping a site rank. If you have a WordPress site, all comment links are nofollow by default.

It’s not easy getting a site owner to give a dofollow link. So a comment spammer is trying to get a quick rel nofollow link from your site and hundreds of others by using automation with a spam bot.

The other aim is to have comments that include links to unsavory sites and scams published in the comments section of your blog.

Your contact form on your site can also be automatically accessed, and spammers can submit the form with software.

The most common use is to ask you to add content to your site or for you to add a dofollow backlink to a blog post.

As your site rank improves, you can expect the percentage increase in comment and contact form spam to be double that of your traffic growth. Yes, it’s a lot.

The best defense against spam is to be prepared and have your site ready to handle this fact-of-life increase in unwelcome traffic.

So, what can you do to thwart spammers?


Managing and protecting your comments from spammers

The best spam blocker to stop comment spam is easy to implement. Don’t allow comments on your site. But this is a bit radical because legitimate comments can add social proof to your blog posts and help your SEO.

A better option is to close comments after a certain period of time. You can do this in Discussions Settings in WordPress.

Another choice is to close comments on individual posts from the Quick Edit option in your posts list.

You can also use external comment systems such as Disqus or wpDiscuz. Some of them offer the option to integrate social networks.

However, you lose some control with external systems, and your comment data could be used for advertising purposes. Yes, nothing is really free.

If you want comments on your site using your blog’s built-in system, all you need to do is take a few precautions.


1. Use a spam filter

The first step for a WordPress website is to make sure you are using a spam filter plugin to stop most spam comments.

Akismet is by far the best and has a user base of over 5 million sites. If you don’t have it installed already, go to your WordPress dashboard and click on plugins in your menu, and then add new.

Search for Akismet and install it. You will then need to register your site, but it is free.

akismet stats

As you can see from our site stats above, we get a lot of spam, but just over 99% get blocked by Akismet.

All it takes is to empty the spam comments once a day or so. It doesn’t matter if it’s ten or five hundred spam comments; it’s just one click.

But we still have work to prevent or catch the less than one percent that might get through.


2. A URL box is an open invitation to spammers

If you have a URL or website text box in your comment form, remove it. You only need a name and email.

Remove Website Field To Stop Spam

For spammers looking for a backlink, it is easy pickings. By removing this box, you will reduce the attractiveness of your site to spammers.

To your regular and new commenters, it won’t matter at all.

You can remove the URL box with a plugin or with code. If you need help, this article on Cloudways gives you all the details.


3. Moderate and be 100% sure

Spam filtering and protection are not always enough. Spammers are smart and will try all sorts of ways to get comments approved on your site.

They often post what looks like legitimate comments to see if they get them published on your site. If it works, they will add more comments, but now try to include links.

The only sure way to stop every type of spam is to use comment moderation. It might sound like it is time-consuming, but it isn’t really.

I get a lot of comments, but with Akismet and no URL box, it reduces the need for moderation to only genuine comments and looking for a few suspicious ones.

To set up moderation, go to Settings and then Discussion.


Now you will receive an email notification for all comments. You can now approve or trash every comment you get.

Be on the lookout, particularly for very short comments with a suspicious-looking spam email address.

Comments such as “Nice blog, sir” from a Gmail address with numbers are prime candidates for the spam button.

It’s your blog, so you want to be in control and ensure that comments added to your blog posts add value and promote genuine conversation and interaction.

A few minutes, a couple of times a day, is a wise investment to maintain a high-quality standard for your blog and visitors.

On other blogging platforms, you will find similar tools.

On free blogs such as Blogger, anti-spam is inbuilt. You might be able to remove the URL box, but you will undoubtedly have the option to moderate your comments.


How to stop contact form spam

To add a WordPress contact form to your site, you need to install a contact form plugin. One of the most popular is Ninja Forms, but there are lots of choices.

Whatever form builder you use, you generally use drag and drop to add form fields such as Name, Email Address, Phone Number, Subject, and Message.

You can set the required fields and modify the submit button.

Most use the inbuilt WordPress wp-mail function in wp-admin.

Contact forms are easy to create; you only need to add a new page and a shortcode. Or, for some, there is a button in the editor to add a form.

Some form plugins offer page, post, or widget placement.


Add more security

If you really have a problem with contact form spammers, you can add a Captcha button with Ninja Forms.

I had to update our contact form to include Google Recaptcha after a massive spammer attack that was hitting our site over 2,000 times a day.

You can add many options to a contact form by editing each input field with a radio button selector, dropdown list, or only display selected data. You can also edit button text.

No matter how you design your form, the real control comes from setting up your form submission and notifications.

You need to add your email address to the send email function. This will notify you of every new contact form message you receive.

In your plugin settings, you can design it so that it displays a contact name, email, message, or any other information you want to get via email.

Using a different email address to get all the messages in one account or inbox is a good tip.

If you only get a few messages a day, that’s all you need to do.

But what if you get one hundred or more messages a day?


How to let automation help you

You will get a notification for every new message, but not all of them need a reply other than to say no thanks.

If you want to save a lot of time and energy and stop contact form spam, the best approach is to set up an auto-reply.

I use Ninja Forms, and it works perfectly. You can use the same facility with many other contact form plugins.

Go to your forms and select edit. Choose emails and Actions to turn on Auto reply.

Use an autoreply to manage contact form spam

Now you can write an auto-reply message that will be sent in reply to all your contact form messages. You can even personalize it with the sender’s first name.

In your message, make it clear what action you will take and not take. We use this message on our site.

Hello %first_name%.

Thank you for your message.

We get a lot of messages every day, and we are grateful for your comments and suggestions for improvements to our website.

We read every message we receive, but we are sorry that we can’t respond to all of them.

In a nice friendly way, you say that if it is a comment about your site, a suggestion for improvement, or a feature problem, you’ll reply.

But if it’s spam or pesky outreach and link campaigns, you don’t need to do anything.



With an auto-reply in place, it reduces all the unnecessary responses you might have had to write and send.

You can concentrate fully on important messages that need your attention.

It also dramatically reduces follow-up requests because it is clear what will happen.

Our site gets a lot of automated contact messages from marketers.

So this solution makes it much easier to manage, as we only need to reply to genuine senders and to content suggestions that appeal to us.

Spammy computer-generated mass messaging usually sets a reminder if no reply is received.

An auto-reply, on many occasions, does the trick because the program registers a reply. It really does help stop or at least reduce contact form spam.



Depending on your blogging platform, you will have at least some tools to stop contact form spam and undesirable spam comments.

On WordPress blogs, there are many options and ways to manage the issue.

In either case, what is important is that spammers are not going to go away.

You need to take the best course of action to protect your site or blog but not reduce a good user experience.

In general, however, moderating your comments is the best way to stay in control.

And an auto-reply on your contact form will reduce the need to respond to unwanted comments.


Related reading: Outreach Campaigns For Articles And Backlinks Are Now Spam

2 thoughts on “How To Stop Contact Form Spam And Comment Spammers”

  1. Thanks for sharing your autoresponder tip using Caldera Forms! It saves me from having to manually respond to each message from my WordPress contact form. It also helps in reducing spam as well. It’s a shame that Caldera Forms will be retired on 12/31/2021. All existing users will be migrated to Ninja Forms, which is a paid plugin.

    I did find another free alternative to protect my contact form from spam. This alternative (Ivertech Spam Free Contact) uses Artificial Intelligence (AI) to filter out spam generated by humans. I just embed one line of HTML code obtained from their site and their Artificial Intelligence algorithm is able to figure out if a message is spam. If a message is deemed as spam, it will be “quarantined” on their server. If their AI decides that it’s not spam, I will get a notification email with the content of the message in it.

    I was able to weed out almost all of the spam messages from my contact form since I embedded the code, regardless if it’s coming from spam bots or actual humans. It was really easy to implement, and best of all it’s free! Just thought your audiences might find this useful.

Comments are closed.

Scroll to Top