As this blog has gotten more popular and, as a result, started ranking well with Google, the spamming here has become incessant — to the point where faithful, reliable, old Akismet alone isn’t good enough.
Akismet has caught nearly 16,000 spam comments here in just under three years, and only accidentally labeled three comments as spam (see details, PDF). So sure, I could just purge the Akismet moderation queue every time I log in to the admin section.
But I don’t like the idea of visitors here possibly being labeled as spammers, without being told, no matter how unlikely that is to happen. And because of the way WordPress stores comments, emptying the Akismet moderation queue leaves a lot of MySQL overhead.
So I’ve decided to use WP-SpamFree to augment Akismet. And what that means to you is, if you disable JavaScript and cookies, or visit this site via a proxy server, you cannot comment here.
After deciding I wanted something more pessimistic than Akismet to simply kill spam before storing it, I looked around on the WordPress Plugin Directory for solutions.
I settled on two: WP Hashcash and WP-SpamFree. After testing each, WP-SpamFree was my choice, because of its flexibility, options and extras.
WP Hashcash has great features and worked well, save one big problem: It moderated reply comments I made through WordPress admin.
That’s right: WP Hashcash wouldn’t let me reply to comments, even though I was logged in as an administrator and was using the comment reply system. Right there, in the dynamic comment box that shows up after you click the reply link, I was told WP Hashcash considered my reply to be spam.
Regardless of whether WP Hashcash was specifically designed to work that way or I experienced a bug, I don’t want to use an anti-spam plugin that moderates the comments of logged-in admins. To me, it seems obvious that any logged-in user’s comments should be approved, if that user belongs to a group that has comment privileges.
In contrast, WP-SpamFree doesn’t moderate the comments of logged-in users. It uses the same JavaScript-based form validation and IP lookup schemes used by WP Hashcash, and adds the ability to check for cookies, just in case a user may have disabled JavaScript in their browser.
WP-SpamFree also includes a moderated contact form. I’ve wanted to have a contact form on this site, but spam has been a problem with previous plugins I have tried.
WP-SpamFree is far more pessimistic than WP Hashcash — which can put all the spam it catches into the Akismet moderation queue, or delete it outright — but so far, it appears that WP-SpamFree’s dual method of JavaScript and cookies is ensuring live, real people can comment.
So WP-SpamFree gets the nod. Again, that means that there’s a very outside chance legitimate comments may get moderated out. If that happens to you, I apologize. But with hundreds of spam comments coming here every day, I can’t continue to sift through the Akismet moderation queue. WP-SpamFree seems to be a fair balance between stopping the spam at the source and giving legitimate commenters a fair shot at getting through.
I do the same as you, using Askimet and WP-SpamFree. Of course, though, every system always has a flaw. I went through today and found a legitimate question from someone asking how often I post, the day before, it blocked some Cam Website post. I love the plug-ins, but always have to check the comments, I’m thinking of designing a plug-in for spam, maybe it’ll be the next WP-SpamFree lol.
-Bill