How do random publishing programs work? How do you protect your site from them? Comprehensive guide

Many website owners suffer from using email forms, or comment forms on articles published on these sites, to send and publish unsolicited random content (or what is known as spam) in large quantities on these sites.  

This random content constitutes a source of concern and inconvenience for both the website owner and its users alike, and it also negatively affects the hosting server because this content is often published automatically by robots in very large quantities. But this does not prevent spam content from being posted by humans from time to time.

In all cases, you, as a website owner, must deal with this annoying content, delete it if it exists on your site, and secure your site to prevent its publication in the future.

In this article, we will explain to you the concept of random publishing programs that spread annoying content, and we will provide you with a comprehensive guide that explains the most important methods and countermeasures that must be taken on your site to be safe from these annoying programs and protect your site from them.

Use of spam messages

The term spam means unwanted, annoying messages and comments that are not relevant to the reader’s interest and are sent to a large number of sites, either for the purpose of promoting and advertising something, or for fraudulent purposes. 

Spam can be sent in several ways, perhaps the most famous of which is sending it via email, or what is known as (Email Spam), or through comments on articles published on websites (Comment Spam), or through tracking links (Trackback Spam), or in other ways.

In fact, the goal of publishing most of the random content, as we mentioned, is for commercial and promotional purposes (and it may be for political, morally offensive, or other goals), as most of the random content is published with the aim of promoting a site or idea.

Spam is often accompanied by a link to the site it is promoting to get clicks from visitors, with the aim of making it public and trying to raise its ranking in search engines. 

For this reason, spam is usually written in a way that encourages clicking on the links it contains, such as (Congratulations, you have won a $100 gift coupon from Amazon on the occasion of its 25th anniversary! Click on the following link to get it) or something like that..

Although spam in general is not a virus, and publishing it on your site does not mean that your site has been hacked, it is annoying and unwanted content, and it is harmful to have such content on your site.

How does spam harm the site?

In fact, random content negatively affects your site, reduces its ranking in search engines, and lowers the quality of articles published on it, as the Google search engine considers an article that contains random comments to be a low-quality article with a link that is not relevant to the topic of the article. 

Also, the arrival of spam to your site’s mail drains your site’s resources and affects the bandwidth available to the Internet service provider, and thus leads to slowness of the site, and may sometimes cause Google to block your site’s IP.

This content is generally annoying to visitors to your site, especially if you publish links with morally offensive, misleading, or fraudulent content. Therefore, you must be careful to protect your site from it and be sure to delete it if it exists.

In fact, deleting spam content is not always an easy task, as it is rarely sent by human users and is mostly sent by specialized programs called Spambots and is published in huge and huge numbers that are difficult to delete manually.

Therefore, you must take the necessary anti-robot measures and protect your site from spam content that you publish on your site.

In the following paragraphs, we will explain the most important tips and preventive measures that significantly reduce spam content. We will also explain the most important free WordPress plugins designed to protect your site from spam content.


Preventing spam in WordPress

Follow these steps to protect your site from spam programs:

1-Activate the manual approval feature for comments

This feature enables you to ensure that no comment is published on your site without your manual approval. This way you can ensure the integrity of the comment before publishing it on your website. 

This does not reduce the reach of spam comments on your site, but it allows site visitors to see only legitimate comments that you approve.

To activate this feature, go to your WordPress site’s control panel > click on the Settings tab > then choose Discussion .

A window titled Discussion Settings will appear that enables you to control and manage all comment settings on your site. 

 Now scroll to the bottom of this window to reach the section titled (Before the comment appears) and activate the option (The comment must be approved manually) as shown in the following image:

Discussion settings

After completing, click on the (Save Changes) button at the bottom of the previous window to save the new setting. All comments to your site will now be suspended, and no comment will be displayed until you approve it yourself.

Now you can go to the ( Comments ) tab on your site’s control panel and see a list of all comments recently sent on your site, to review them periodically and approve only useful comments for publication on your site. Or put a mark (spamming comment) on random comments so that they are not displayed, and so that you can later delete the annoying comments in one go.

2. Turn off the comments feature when it is not needed

There is no doubt that comments are very useful for your site, as through them you can communicate with your site visitors and receive questions from them. Therefore, it is not preferable to completely disable and stop comments on all posts on the WordPress site, but it is possible to resort to this strict solution if there is no need for it.  

Othello can comment on the entire site by going to the discussion settings window > then going to the article default settings section > and deactivating the option (allowing people to send comments on new articles) as shown in the following image:

After deactivating this option and saving your changes, this will turn off comments on all recent posts or articles added after deactivating this option.

But it will not turn off comments on previous posts that have already been published.

In order to be able to turn off comments on old articles, you can activate the option to automatically turn off comments on articles that have been published for 14 days from the Comments Settings section in the Discussion Settings window (you can also specify a different number of days for which you want to allow comments on a post), as shown. In the next picture

WordPress will now automatically close comments on posts older than the number of days you set for this option.

Then scroll to the bottom of the screen and click the Save Changes button. This will invalidate any comments on posts after the period you specified has passed.

3. Allow comments only from registered users

If you want to be less strict, allow some comments on your site and open up room for site members to discuss and ask questions among themselves. You can only allow comments from registered users on your site.

 This option is useful for membership sites that allow users to register as members of the site and thus can only allow members to comment and block other users. 

To do this, go back to your WordPress site’s control panel > click on the Settings tab > choose Discussion, then go to the Comments Settings section and activate the second option (visitors must be logged in to be able to comment) 

4- Disable the Trackbacks feature in WordPress 

By default, WordPress accepts Pings from other sites and displays these PingBacks and Trackbacks within the comments of the same article.

But in reality, this feature is exploited by spam programs to place spam comments on WordPress sites. So you can disable tracking on your entire site or on an individual article. This measure will contribute to significantly reducing spam content. 

To disable tracking links in WordPress, go to the Discussion Settings window and disable the option to allow link notifications from other blogs (“PingBacks” and “TrackBacks”) in new posts.

5- Install custom add-ons to prevent spam

If you need a more effective way to stop spam from being posted on your WordPress site, you can turn to custom plugins. There are many WordPress plugins available that you can easily enable and install to reduce spam and filter spam comments very effectively. Below we list the most important of these plugins for you:

-Added Akismet to filter spam

Akismet is one of the most popular anti-spam plugins for WordPress sites. This plugin is usually pre-installed with WordPress and you just have to activate it.

After activation, this plugin works efficiently and filters all spam comments on your WordPress site. The filtering process uses its own anti-spam database, which enables it to identify and detect the most common types of spam comments.

This plugin is available for free, but you will need to register to obtain its API key to activate it on your site. To know the steps to install, set up and use the add-on correctly, see the following article . 

– Add Sucuri firewall

Although Akismet is able to filter and detect a lot of spam after it reaches the site, it is not able to actually prevent spam bots and automated publishing programs from essentially accessing your website and sending heavy post requests on it that cause Slow down the site and drain its resources. 

Here comes the role of the  Sucuri add-on , which is considered one of the best firewall add-ons for WordPress sites. This add-on allows you to block suspicious requests before they reach your site. Thus, you can reduce the load on your server and reduce the number of unwanted comments that are published on your site more efficiently.

In this comprehensive guide, learn about the Sucuri plugin, how to install it on your site, how it works, and what are its features?

– Add reCAPTCHA  human verification

Google’s reCAPTCHA plugin is an advanced form of CAPTCHA to prevent spam or fraudulent content bots from posting to your site. reCAPTCHA technology can determine whether the content sender is a spambot or a human user by making it pass a verification test before allowing it to post.

Passing this test is easy for humans, as users have to click a checkbox indicating that they are not a robot only (I am not a robot), but passing the test is difficult for robots, because when Google suspects that a robot is publishing unwanted content, It presents him with more difficult challenges.

After downloading and activating this add-on on your site, you can place the test anywhere that is susceptible to random publishing on your site, such as:

  • Website login forms 
  • Registration forms 
  • Contact forms 
  • reset password form
  • Comment forms 
reCAPTCHA in Comment Form

This add-on requires prior registration with Google reCaptcha, and obtaining a site key and a secret key to be able to activate it. In our next article, we explain in detail how to activate the reCAPTCHA add-on and use it on the login page of a WordPress website.

– Added Yoast Comment Hacks to limit the length of comments

The Yoast Comment Hacks plugin gives you a wide range of unique tools and options that help you manage comments on your WordPress site. It is an add-on issued by Team Yoast , which is the same team that released the famous Yoast SEO add-on

With this add-on you can customize comments, disallow comments longer or shorter than a certain length, redirect first-time commenters to the thank you page, clean up comment notification emails, and many more features. 

Through the feature of allowing setting the minimum comment length, it is possible to prevent short, unwanted, random comments that consist of only one letter or one word, such as (hello, follower..), as some random publishing programs publish hundreds of comments per hour that consist of Of only one word, or perhaps just one letter, with the aim of draining the site’s resources.

Traditional plugins like Akismet and Sucuri often cannot block these short comments because they are considered legitimate comments. This is where this addition comes into play, which enables you to specify the minimum comment length. It forces the user to leave a more meaningful comment rather than just a message of one word or one meaningless letter. 

After installing and activating the add-on, go to Control Panel > Settings > Comment Hacks. The settings page will appear, which contains four different tabs. 

The first tab ( Comment length ) enables you to specify the minimum number of words that a comment should contain. Through this tab, you can also specify the error that users will see if their comment is too short. You can also specify the maximum length of the comment, as shown in the following image:

 Yoast Comment Hacks

– Removed the Site URL field from the comments form to prevent spam

By default, the WordPress comment form contains four fields: the sender’s name, email, website URL, and a box to write comment text. 

Spam publishers take advantage of this comment form by writing in the name field keywords such as (the best WordPress courses) or (how to make money online), and in the URL field they write a link to the site they want to promote, and finally they write in the main comment text any random content that is not relevant to the topic. Posted on the site..

This method is commonly used by SEO marketers and novice bloggers because they believe that this helps them get better rankings for their sites and promote specific keywords in search engines. 

 That’s why it’s best to completely remove the URL field from the comments form of your WordPress site to reduce the number of spam comments of this type.

There are several ways to remove the URL field from the comments form of a WordPress site. You can do this by modifying your site’s Functions.php file as follows. 

1- Go to your site’s control panel > choose Appearance > then choose Template Editor

Template editor

2-A warning message will appear to you because you are modifying the basic template files. Click on the (I understand) button to ignore the warning. 

3- After clicking on this button, the template editor for the current active template on your site will open, as shown in the following image, and all the files for this template will appear on the left side. 

Edit the template properties file

4-Choose the template properties file functions.php, and add the following code at the end of it (before you modify the file, we recommend taking a backup copy of it so that you can restore it in the event that you modify the file incorrectly)

function wpb_disable_comment_url($fields) {
unset($fields[‘url’]);
return $fields;
}
add_filter(‘comment_form_default_fields’,‘wpb_disable_comment_url’);

This code filters the comment form fields in WordPress and removes the url field from it.

5- After modifying the code, click on the (Save Changes) button and return to your site, and you will notice that the URL field has disappeared from the comments form. 

To learn more about the functions.php template properties file, its importance, and how to access and edit it, we advise you to read the following article . 

– Prevent writing HTML codes in comments

By default, WordPress allows users to write HTML code in comment texts to provide additional formatting. Unfortunately, this feature can also be used to include spam links in comment texts. Therefore, it is preferable to disable the feature of displaying HTML code in your site comments.

To do this, edit the functions.php file of the template installed on your site, as we explained in the previous step, and add the following code to the end:  

function wpb_comment_post( $incoming_comment ) {
$incoming_comment[‘comment_content’] = htmlspecialchars($incoming_comment[‘comment_content’]);
$incoming_comment[‘comment_content’] = str_replace( “‘”, ‘'’, $incoming_comment[‘comment_content’] );
return( $incoming_comment );
}
function wpb_comment_display( $comment_to_display ) {
$comment_to_display = str_replace( ‘'’, “‘”, $comment_to_display );
return $comment_to_display;
}
add_filter( ‘preprocess_comment’, ‘wpb_comment_post’, , 1);
add_filter( ‘comment_text’, ‘wpb_comment_display’, , 1);
add_filter( ‘comment_text_rss’, ‘wpb_comment_display’, , 1);
add_filter( ‘comment_excerpt’, ‘wpb_comment_display’, , 1);
remove_filter( ‘comment_text’, ‘make_clickable’, 9 );

Thus, we have reviewed the most important methods and plugins available to prevent random publishing programs in WordPress and ways to filter them and protect the site from them.

We would like to point out at the end of this article that the most difficult part is filtering and blocking unwanted comments that are sent manually by human persons and not through automated robots because they are not detected by ready-made additions and need to be verified manually.

Therefore, it is always preferable to manually check comments and verify their content before publishing them on the site, so as not to expose your site to any random content that is off-topic and irrelevant and does not add any value to the discussion.

Conclusion

As you can see, posting unwanted spam has a huge negative impact on your site. It can affect search engine rankings, annoy your site users, and affect the reliability of comments among legitimate users, so it is vital that you do your best to protect your site from this content. 

We hope this article helps you with this task and the tips and plugins we explained today help you get rid of spam in WordPress. If you have other protection methods and tools that you would like to share with us, please let us know in the comments section. 

Avatar photo
I am a young man who has been working in WordPress and e-marketing for 10 years. I would like to share my experience with you so that we can become professional in WordPress I will be happy to share the experience with you.