Comment Spam: Google Cares, and You Should Too

Community engagement is key to success for a blogger or online publisher, and that means comments. Allowing comments on blog posts encourages readers to express their opinions. It also provides an opportunity to increase your authority through conversations with inquiring minds and appreciative fans in your blogging network. Social media makes it easy to share articles, but there’s nothing quite like building a community on your own website or personal blog.

But with a growing audience comes comment spam. These aren’t words of encouragement from loyal followers or legitimate questions from interested readers. These are the comments that are a little too formal, don’t quite make sense, or are pushing payday loans and cheap prescriptions on your post about baking bread.

These comments don’t just interrupt the conversation; they could hurt your traffic. In this tutorial, you’ll learn why comment spam leads to poorer search-engine rankings and how Jetpack’s spam protection automatically fights for you.

What is comment spam?

Comment spam is when a bot or person leaves an irrelevant comment, sometimes also with a link to a spammy website. It negatively impacts both the site visitor’s experience and your search engine rankings.

Search engines penalize sites with lots of comment spam because unsuspecting visitors may click links that lead to insecure sites and expose them to viruses, malware, or phishing tactics. Spam comments also make it look like you don’t take the time to care for and monitor your website, which isn’t great for your brand and reputation.

With the right software, spammers can post millions of comments for less than $50. Tricking just a few unsuspecting victims into handing over credit card information or buying illegitimate products means profit. Spammers have also gotten better at making comments look real in order to trick website admins into thinking they aren’t spam. They ask questions, request help, or mention something they’re having trouble with in order to sound like a real commenter seeking answers, but they’re really a spammer who wants to benefit from a backlink. You can often spot these comments by their poor grammar, lack of real meaning, or overly-formal tone.

What are backlinks and pingbacks?

A backlink occurs when a website links to another site, blog, or article. They’re critical for building a positive reputation online because they contribute to search engine optimization (SEO). Sites with more backlinks tend to have higher organic rankings on Google.

For a business owner, having a reputable website like Entrepreneur or Forbes link to your blog is a huge win both for organic traffic and search engine rankings. But if the websites that link to you are low-quality or spammy, they can have the opposite effect on your page rankings.

Search engines apply this same principle to the links that are on your site. If you have a website with lots of links to sites that Google considers to be spammy, phishy, or otherwise low-quality, your website can, in turn, receive lower rankings.

It makes sense: Google’s business relies on customers trusting that the information they receive and the links they click are safe and relevant. If users lose trust, they’ll find a different search engine. The reduction in traffic will hurt Google’s ad revenue, so they work hard to identify and penalize spam to ensure that everyone has a good experience on their platform.

You don’t have to worry about backlinks. Google offers a “nofollow” attribute that you can apply to comment links — any link with the rel=”nofollow” attribute won’t be considered when determining page rankings.

The good news is, with your WordPress site, all links in WordPress comments have the nofollow attribute applied by default to protect against comment spamming. In 2019, however, Google updated its approach to how it handles these links:

“When nofollow was introduced, Google would not count any link marked this way as a signal to use within our search algorithms. This has now changed. All the link attributes — sponsored, UGC, and nofollow — are treated as hints about which links to consider or exclude within Search. We’ll use these hints — along with other signals — as a way to better understand how to appropriately analyze and use links within our systems.”
Google Webmaster Blog, September 2019

Since Google may not ignore nofollow, it’s still smart to keep spammy comments with links off your blog. Not to mention, it will support a better user experience as well as boosting your SEO.

A pingback occurs when someone links to your website and a comment, including a link back to their site, is automatically generated on the page that they linked to. While there are protections in place to ensure that the pingback originated from your post, spammers have figured out how to break through them. This results in a lot of fake or malicious pingbacks that show up as comments, creating even more WordPress comment spam on your site.

You can disable pingbacks by going to Settings → Discussion and unchecking the box titled “Allow link notifications from other blogs (pingbacks and trackbacks) on new posts.”

Manual vs. automatic comment spam prevention

Comments are wonderful for engaging with your customers and followers, but they can open the door for negative consequences. Fortunately, there are both manual and automatic ways to prevent comment spam while preserving space for legitimate interactions.

How to manually prevent comment spam

WordPress offers several comment moderation options. You can choose to automatically allow all comments, manually moderate all comments, or automatically approve comments from already-published users. That way, you can only allow people with a track record of good comments and not abusing your comment form to join the discussion. To adjust your comment settings:

Navigate to Settings → Discussion in your WordPress dashboard.
In the section titled, “Before a comment appears,” choose either “Comment must be manually approved” or “Comment author must have a previously approved comment.”
Click Save Changes at the bottom of the page.

In the Discussion settings dashboard, you can also:

Require that users be logged in to post a comment.
Require a name and email address for each comment.
Choose to be notified by email each time a comment is published or held for moderation.
Close comments on posts older than a set number of days. It generally takes at least a few weeks for new posts to rank on search engines, so the majority of comments that happen during the first few weeks are legitimate. After your post begins to rank well, spammers will find and target it.
Hold comments in moderation when they contain a certain number of links. Spammy comments often include multiple links.
Trash or moderate comments that include certain words. If you often receive spam comments about “Nike shoes”, your site can automatically discard comments that include that phrase.

When comments are held in moderation, it’s your job to go through each one. In your WordPress dashboard:

Click Comments. You’ll see a list of all comments on your site. Unapproved comments will be highlighted in red, but you can also use the filters at the top of the page to sort by All, Mine, Pending, Approved, Spam, and Trash.
Read each unapproved comment and determine if it’s spam or real.
When you hover over each comment, you’ll see options to Approve, Reply, Edit, Spam, or Trash. Click the appropriate option for each comment.
Repeat for all unapproved comments.
Spam isn’t permanently deleted; it is stored in a folder. To permanently delete these comments, choose the Spam filter at the top of the page and click Empty Spam.

When determining if a comment is real, watch out for topics that are unrelated to your blog post and links that look odd. While bots try to copy human speech, they often fall short, leading to misspellings, grammatical errors, and overly formal language. Some spam comments also refer to you as “ma’am” or “sir.” It’s generally pretty obvious which comments aren’t legitimate, but you will need to make this determination for each one.

Automatic spam prevention

Managing your WordPress blog’s comments section manually can be frustrating and time-consuming. It’s hard to determine which comments are actually spam, but you don’t want to disable comments and entirely discourage interaction on your site. You could include a CAPTCHA, but these have been shown to substantially decrease audience engagement – who wants to tick a checkbox asking them to identify three sets of traffic lights every time they post a comment?

Plus, don’t you have more important work to do? Your time would be better spent focusing on selling more products or connecting with clients. Instead of dealing with spambots yourself, choose an anti-spam plugin that handles everything for you.

Jetpack Anti-spam is a high-quality spam filtering tool that takes a few clicks to set up. It automatically filters WordPress comments, pingbacks, and contact form submissions for known spam, saving you hours of time each week. Jetpack’s spam filtering functionality is powered by industry-leading Akismet, which filters an average of 7.5 million spam comments per hour using its extensive comment blacklist.

If you’re worried about legitimate comments being flagged as spam (false positives), you can choose to read through everything marked as spam and restore any that you’d like, or you can discard the worst and most pervasive spam, so you never have to deal with it. You can even view stats about your comments and see exactly how much spam Jetpack Anti-spam keeps off your WordPress site.

Spam filtering is automatically activated when you install Jetpack and choose one of the paid plans. Along with this powerful feature, you’ll benefit from other security solutions like brute force attack prevention, downtime monitoring, and daily backups. Why waste your valuable time? For only a few dollars per month, you can save enough time in a single day to pay for an entire year.

Get started with Jetpack Anti-spam

Have a non-WordPress CMS? Akismet works for many other types of sites as well!