How To Stop Blog Comment Spam and Contact Form Spam

Stop Contact Form And Comment Spam

You work hard on web design, building your blog, and increasing social media and organic traffic from search engines. But you will also need to learn how to stop contact form spam and spam comments.

It’s a strange symptom of your success to get a lot more comment spam and unwanted contact form messages. As your site ranking improves, you will start to get noticed by genuine content marketers, but also by annoying spammers.

SEO tracking software is now very sophisticated. When it notices your site improvement, it will add it automatically to a list of potential backlink prospects.

Reputable marketers use this data to pinpoint who they can contact to improve content, backlinks, and sales potential. But any determined spammer can use these automated tools to hit contact forms and comments on hundreds or thousands of sites.

Why do spammers do it?

It’s all about spammers trying to get backlinks by using your blog to post spam comments.

There are two types of links a site can give—a rel dofollow and rel nofollow.

A dofollow link is the most useful and passes on link juice to a site. A nofollow link does not pass on juice but is still useful in helping a site rank. All comment links are nofollow.

It’s not easy getting a site owner to give a dofollow link. So a comment spammer is trying to get a quick rel nofollow link from your site and hundreds of others by using automation in the form of a spam bot.

The other aim is to have comments that include links to unsavory sites and scams published in the comments section of blogs.

Your contact form on your site can also be automatically accessed, and spammers can submit the form with software.

The most common use is to ask you to add content to your site or for you to add a dofollow backlink to a blog post.

As your site rank improves, you can expect the percentage increase in comment and contact form spam to be double that of your traffic growth. Yes, it’s a lot.

The best defense against a lot of spam is to be prepared and have your site ready to handle this fact of life increase in unwelcome traffic.

So, what can you do to thwart spammers?


Managing and protecting your comments from spammers

The best spam blocker to stop comment spam is easy to implement. Don’t allow comments on your site.

But this is a bit radical because legitimate comments can add social proof to your blog posts and help your SEO.

A better option is to close comments after a certain period of time. You can do this in Discussions Settings in WordPress.

Another choice is to close comments on individual posts from the Quick Edit option in your posts list.

You can also use external comment systems such as Disqus or wpDiscuz. Some of them offer the option to integrate social networks.

However, with external systems, you lose some control, and your comment data could be used for advertising purposes. Yes, nothing is really for free.

If you want comments on your site using your blog’s inbuilt system, all you need to do is take a few precautions.


1. Prevent spam

For a WordPress website, the very first step is to make sure you are using a spam filter plugin to stop most spam comments.

Akismet is by far the best and has a user base of over 5 million sites.

If you don’t have it installed already, go to your WordPress dashboard and click on plugins in your menu, and then add new.

Search for Akismet and then install it. You will then need to register your site, but it is free.

akismet stats

As you can see from our site stats above, we get a lot of spam, but just over 99% get blocked by Akismet.

All it takes is to empty the spam comments once a day or so. It doesn’t matter if it’s ten or five hundred spam comments, It’s just one click.

But we still have work to prevent or catch the less than one percent that might get through.


2. A URL box is an open invitation to spammers

If you have a URL or website text box in your comment form, remove it. You only need a name and email.

Remove Website Field To Stop Spam

For spammers looking for a backlink, it is easy pickings. By removing this box, you will reduce the attractiveness of your site to spammers.

To your regular and new commenters, it won’t matter at all.

You can remove the URL box with a plugin or with code. If you need help, this article on Cloudways gives you all the details.


3. Moderate and be 100% sure

Spam filtering and protection are not enough. Spammers are smart and will try all sorts of ways to get comments approved on your site.

Very often, they post what looks like legitimate comments to see if they get them published on your site. If it works, then they will add more comments, but now try to include links.

The only sure way to stop every type of spam is to use comment moderation. It might sound like it is time-consuming, but it isn’t really.

I get a lot of comments, but with Akismet and no URL box, it reduces the need for moderation to only genuine comments and looking for a few suspicious ones.

To set up moderation, go to Settings and then Discussion.


Now you will receive an email notification for all comments. You can now approve, or not, every comment you get.

Be on the lookout, particularly for very short comments with a suspicious-looking spam email address.

Comments such as “Nice blog, sir” from a Gmail address with numbers are prime candidates for the spam button.

It’s your blog, so you want to be in control and make sure that comments added to your blog posts add value and promote genuine conversation and interaction.

A few minutes, a couple of times a day, is a wise time investment to maintain a high-quality standard for your blog and your visitors.

On other blogging platforms, you will find similar tools.

On free blogs such as Blogger, anti-spam is inbuilt. You might be able to remove the URL box, but you will undoubtedly have the option to moderate your comments.


How to stop contact form spam

To add a WordPress contact form to your site, you need to install a contact form plugin. One of the most popular is Ninja Forms, but there are lots of choices.

Whatever form builder you use, you generally use drag and drop to add form fields such as Name, Email Address, Phone Number, Subject, and Message.

You can set the required fields and modify the submit button.

Most use the inbuilt WordPress wp-mail function in wp-admin.

Contact forms are easy to create, and you only need to add a new page and add a shortcode. Or, for some, there is a button in the editor to add a form.

Some form plugins offer page, post, or widget placement.

If you really have a problem with contact form spammers, you can add a Captcha button with Ninja Forms.

I had to update our contact form to include Google Recaptcha after a huge spammer attack that was hitting our site over 2,000 times a day.

There are many options you can add to a contact form by editing each input field with a radio button selector, dropdown list, or only display selected data. You can also edit button text.

No matter how you design your form, the real control comes in how you set up your form submission and notifications.

You need to add your email address to the send email function. This will notify you of every new contact form message you receive.

In your plugin settings, you can design it so that it is displaying a contact name, email, and message, or any other information you want to get via email.

It’s a good tip to use a different email address so you can get all the messages in one account or inbox.

If you only get a few messages a day, that’s all you need to do.

But what if you get one hundred or more messages a day?


How to let automation help you

You are going to get a notification for every new message, but not all of them need a reply other than to say no thanks.

If you want to save a lot of time and energy and stop contact form spam, the best approach is to set up an auto-reply.

I use Ninja Forms, and it works perfectly. You can use the same facility with many other contact form plugins.

Go to your forms and select edit. Choose emails and Actions to turn on Auto reply.

Use an autoreply to manage contact form spam

Now you can write an auto-reply message that will be sent in reply to all of your contact form messages. You can even personalize it with the sender’s first name.

In your message, make it clear what action you are going to take and not going to take. We use this message on our site.

Hello %first_name%.

Thank you for your message.

We get a lot of messages every day, and we are grateful for your comments and suggestions for improvements to our website.

We read every message we receive, but we are sorry that we can’t respond to all of them.

In a nice friendly way, you are saying that if it is a comment about your site or a suggestion for improvement or there is a feature problem, you’ll reply.

But if it’s spam or pesky outreach campaigns, you don’t need to do anything.



With an auto-reply in place, it reduces all the unnecessary responses you might have had to write and send.

You can concentrate fully on the messages that are important and need your attention.

It also dramatically reduces follow-up requests because it is clear what is going to happen.

Our site gets a lot of automated contact messages from marketers.

So this solution makes it much easier to manage, as we only need to reply to genuine senders and to content suggestions that are appealing to us.

Spammy computer-generated mass messaging usually sets a reminder if no reply is received.

An auto-reply, on many occasions, does the trick because the program registers a reply. It really does help stop or at least reduce contact form spam.



Depending on what blogging platform you are using, you will have at least some tools to stop contact form spam and undesirable comments.

On WordPress blogs, there are many options and ways to manage the issue.

In either case, what is important is that spammers are not going to go away.

You need to take the best course of action to protect your site or blog but not reduce a good user experience.

In general, however, moderating your comments is the best way to stay in control.

And an auto-reply on your contact form will reduce the need to respond to unwanted comments.

Derek Haines

A Cambridge CELTA English teacher and author with a passion for writing and all forms of publishing. My days are spent writing and blogging, as well as testing and taming new technology.

Avatar for Derek Haines

2 thoughts on “How To Stop Blog Comment Spam and Contact Form Spam

  • Avatar for Anthony
    April 14, 2021 at 11:47 am

    Thanks for sharing your autoresponder tip using Caldera Forms! It saves me from having to manually respond to each message from my WordPress contact form. It also helps in reducing spam as well. It’s a shame that Caldera Forms will be retired on 12/31/2021. All existing users will be migrated to Ninja Forms, which is a paid plugin.

    I did find another free alternative to protect my contact form from spam. This alternative (Ivertech Spam Free Contact) uses Artificial Intelligence (AI) to filter out spam generated by humans. I just embed one line of HTML code obtained from their site and their Artificial Intelligence algorithm is able to figure out if a message is spam. If a message is deemed as spam, it will be “quarantined” on their server. If their AI decides that it’s not spam, I will get a notification email with the content of the message in it.

    I was able to weed out almost all of the spam messages from my contact form since I embedded the code, regardless if it’s coming from spam bots or actual humans. It was really easy to implement, and best of all it’s free! Just thought your audiences might find this useful.

    • Avatar for Derek Haines
      April 14, 2021 at 12:31 pm

      Thanks for the heads up on Caldera Forms, Anthony. I’ll have to update this article.

Comments are closed.