WordPress comment spam


Monday, May 14th, 2018 - General

We are starting to see a lot of WordPress comment spam being sent out through a lot of the accounts hosted on our servers. A lot of users have comment moderation enabled for their WordPress site, perhaps unknowingly. When a comment is posted by someone and the moderation bit is set, then that comment is emailed to the WordPress site administrator for them to take action.

Recently Google and Gmail have started flagging these comment moderation messages as spam. Unfortunately this can have the affect of Gmail blacklisting or weighing all messages sent from our servers as spam. Since we cannot allow this to happen, we are going to be forced to take action regarding this.

We will have to start putting websites into a read-only state if this continues. A read-only state means that nobody will be able to post any comments to your site and you will not be able to log into the WordPress dashboard on your account. Your website will still appear to any visitors, but you just won’t be able to take any actions on your website.

What can you do to prevent this?

If you are not using comments, I would recommend that you disable them. You can do that by logging into your WordPress admin dashboard and clicking Settings -> Discussion then make sure the option for Allow people to post comments on new articles is unchecked. However, if you have specifically enabled comments on any specific posts, comments will still be enabled for that post.

If you are using comments, I would highly recommend that you install some type of captcha system to prevent bots from posting comments on your site. The Google Captcha might be a good plugin to use.

We are doing all of this in an effort to stay proactive and insure that the hosting system your website is hosted on remains clean. We cannot allow comment abuse to affect the reputation of our servers.