Spam Free WordPress comment spam plugin blocks 100% of the automated spam with zero false positives, and with no CAPTCHA.
This plugin was born out of necessity in September of 2007. A comment spam fighting plugin was needed that could handle huge visitor traffic, and huge spam attacks. Today the plugin can scale to handle any amount of comment spam on the highest traffic blogs.
Spam Free WordPress Features
- Automatically blocks 100% of automated comment spam
- Local manual spam and ban policy set with local IP address blocklist
- Significantly reduces database load compared to other spam plugins
- Zero false positives
- Option to strip HTML from comments
- No CAPTCHA
- Saves time and money by eliminating the need to empty the comment spam folder
- Option to automatically delete comments marked as spam, trackbacks/pingbacks, and unapproved.
- Hundreds of thousands of Spam Free Blogs and Counting!
The plugin has the option to generate a custom comment list and comment form for themes that do not work automatically with the plugin.
Comment spam damages a blog’s SEO ranking. This plugin preserves your Search Engine Optimization.
The comment form is secured in the background, so your readers just see your comment form.
Automatically Blocks Automated Comment Spam
Spam Free WordPress several security methods to block spam bots, while allowing real readers to leave a comment without any problem. All security is pass or fail, which means a real person can leave a comment, but a bot cannot. There are no filters to try to guess what is a legitimate comment, ham, or spam.
Local Blocklist
Spam Free WordPress uses an IP address blocklist to block comment spam that is manually submitted by a real person. The blocklist can also be used to ban readers that leave offensive comments. The local blocklist is stored in the database, so it can be used to set policy for a local blog. If someone has their IP address listed in the blocklist that person can still read the blog, but will not be able to leave a comment.
Reduces Database Load
Comments that are blocked are never written to the database, which eliminates all the load on the database that spam creates, and other plugins allow. Blocked comments are sent to an error page that allows the reader to return to their comment, without a loss of data, to try to correct the error. Comments that are blocked have failed security methods that only spam bots would fail.
Option to Strip HTML from Comments
It is very common for manual and automated comment spam to include a URL that links to a web site. Spam Free WordPress has an optional feature that will automatically strip out HTML from comments, so URL links show up as plain text, and will also remove the allowed HTML tags from below the comment text box.
Pingbacks and Trackbacks
The plugin will close pingbacks and trackbacks on all posts and pages automatically when the plugin is installed, and it also has an option to open pingbacks again if so desired.
JetPack Comments
JetPack has introduced a Comments module that takes over the comment form. Spam Free WordPress disables the JetPack Comments module because it doesn’t work with any other plugin that manages the comment form. Spam Free WordPress plays nice with all plugins.
Spam Free WordPress in Action
Comment Form Example
The comment form is secured in the background, so your readers just see your comment form.
Spam protection is invisible to the reader.
Installation Instructions
1. Upload to the /wp-content/plugins directory
2. Activate
3. Turn on the Spam Stats, and try to leave a comment to make sure it is working.
Support
Spam Free WordPress requires a free license key for support, and to activate advanced features, that you can get here.
Requirements
Self-hosted WordPress 3.1 or above. PHP 5 or above. Works with single-site, or multi-site, versions of WordPress.
Download
Download latest version of Spam Free WordPress
Troubleshooting version 1.9.3
Error Messages
Here’s what to do if the plugin displays an error message:
- Error message:
- “Spam Free WordPress disabled the comment form because it could not retrieve the password from the server. It may be necessary to do one, or all, of the following. Turn on the Old Password Fields option, turn off Nonce Security, or to turn on Generate Comment Form.”
- Solution:
- It may be necessary to do one, or all, of the following. Turn on the Old Password Fields option, turn off Nonce Security, or to turn on Generate Comment Form.
- Error message:
- “Spam Free WordPress nonce security check failed. Troubleshooting.”
- Solution:
- Uncheck the box next to Nonce Security.
- Error message:
- “Spam Free WordPress could not retrieve the password from the server. It may be necessary to do one, or all, of the following. Turn on the Old Password Fields option, turn off Nonce Security, or to turn on Generate Comment Form. Troubleshooting.”
- Solution:
- It may be necessary to do one, or all, of the following. Turn on the Old Password Fields option, turn off Nonce Security, or to turn on Generate Comment Form.
- Error message:
- “Comment blocked by Spam Free WordPress because your IP address is in the local blocklist, or you forgot to type a comment.”
- Solution:
- Either your IP address is in the plugin blocklist, which can be found under Settings >> Spam Free WordPress, or you did not type in a comment.
- If All Else Fails
- Switch themes.
- Disable all plugins until the problem plugin is found.
- Request help with the Spam Free WordPress support request form (must have a free license key, and must be logged in to use).
Comment form and Comment List Are Not Styled Properly
- Uncheck the Generate Comment Form box. If you then get an error message when leaving a comment, turn the Generate Comment Form option back on, because your theme isn’t working properly. The Generate Comment Form option that displays the comment list and comment form has a CSS style sheet that can be found in the plugin’s css folder where you can make changes. Be aware however, that css folder will be overwritten on plugin updates.
Plugins That Cause Problems
- Minify plugins such as WP Minify, Better WordPress Minify, W3 Total Cache etc. may need to have minification of JS files turned off, or you can have the plugin exclude the file: sfw-ipwd.js. Some minify plugins, like Better WordPress Minify, require a script handle rather than a filename, so the script handles that should be excluded are: sfw_ipwd. All of the Spam Free WordPress JavaScript files are already minified, or more correctly, compressed.
- Minify plugins can prevent JavaScript files from loading, or from loading properly.
Incompatible Plugins
- Disqus Comment System – Since it takes over your comments completely
- JetPack Comments module – Since it takes over your comments completely
Languages Supported
- English
- German – Deutsch (de_DE)
- Italian – Italian (it_IT)
- French – Français (fr_FR)
- Hebrew – עברית (he_IL)
- Japanese – (日本語 – ja)
- Chinese – 中文 (zh_CN)
- Hong Kong – (香港) (zh_HK)
- Taiwan – (台灣) (zh_TW)
- Swedish – Svenska (sv_SE)
- Norwegian – (norsk)
Free License Key Required
Spam Free WordPress requires a free license key for support, and to activate advanced features, that you can get here.
Thanks Todd
I wait for your news.
Gene
I use buddypress of wordpress. The plugin of Jetpack is: Blog Subscription (Jetpack). And when I put an article of the blog, this plugin doesn’t run with Spam Free WordPress. It’s same with an other plugin against spam. I find an other plugin free spam with that I haven’t problems with the newsletter, but it’s not really good.
A member of the website writed to me it’s not possible to access on answer case if he isn’t logged. The numbers are not recognized if someone want to write a comment. Sorry for my bad english. But it’s really like this.
With what plugin can I have conflicts for this situation?
Sincerely
Gene
The problem may be Buddypress, and not Jepack Blog Subscription or Spam Free WordPress. I will do some tests with this setup before the next release of Spam Free WordPress to see if I can see any problems.
Hi Todd
I cann’t use your plugin. It stops the newsletter plugin, new plugin from the new version of Jetpack.
Can you make something?
Gene
Do you mean Subscriptions? There are no conflicts between Spam Free WordPress and Jetpack. In fact, it is impossible for Spam Free WordPress and Jetpack to have a conflict. The problem with your subscription (newsletter) plugin is not related to Spam Free WordPress.
I use the Jetpack subscription addon right on this page along with Spam Free WordPress.
Todd,
This works great and I have it blocking spam quite sucessfully- thanks, but I have noticed recently a few have been creeping through, do you think their are some bots out there that have now cracked spam free or is it just a few determined manual spammers?
Interested in what other users of spam free are experiencing.
Alan
Please read the Pingbacks and Trackbacks section at the bottom of this page, follow the directions, and download the Pingbacks and Trackbacks plugin. The spam could be pingback and trackback spam rather than comment spam. If it is manual spam then putting the comment IP address in the blocklist will eliminate it.
All is ok. No problems. Thanks for all
How does that work? I think one can pretty easily write some javascript that copies the value to the empty field.
Good luck with that.
Ok, thanks Todd.
So I install the plugin now and I change nothing in the settings? All is ok and it doesn’t disturb the plugin of newspaper of the new version of Jetpack?
I don’t understand all, but I will try this plugin. I will see what’s happen on the fellow.
Sorry for my bad english, but same with google translation, it’s difficult for me. I will see.
A question? Must I save this password?
Gene
A password is generated for each post, and is changed when a new comment is posted.
hello. My website is neintrebi.ro. If someone who is connected with facebook on my website leave a comment, the following error eccurs : Error 1: Click back and type in the password. What can I do to fix this problem? thanks
Turn off the “Connect with Facebook” option. The “Error 1: Click back and type in the password” is only shown when no password is provided when the comment is submitted. When a reader logs in using the “Connect with Facebook” option they may not see the Spam Free WordPress password, so there will be an error.
Spam Free WordPress uses the password on the comment form to authenticate the reader comment, so there is no need for the “Connect with Facebook” option.
If those bad guys will not stop any time soon, I will be forced to try ;)
When you do give the plugin a try also read the “Pingbacks and Trackbacks” section at the bottom of this page, download, and install that plugin as well, because Pingback and Trackback looks exactly like comment spam. This feature will be integrated into the upcoming release of Spam Free WordPress.
I was looking for something that would stop Indian CAPTCHA solvers, but it looks that this plugin will not help, cause those guys will just copy the code :(
BTW you should switch the text for the comment navigation Newer Entries to Older Entries ;)
You have obviously not tried Spam Free WordPress.
Great! Thanks.
Can I follow Ping and Track-backs directions after I update code?
Thanks for your help again!
Brett
P.S. Do you know anything about DAP Software? Having a problem securing our site while running this program. Although I have found out that each hosting company is set up different and hope the hosting was the problem! Let me know.
Yes. Make sure to download the pingbacks and trackbacks plugin to complete the process of closing pingbacks and trackbacks. This will be automated in the next version of Spam Free WordPress.
There are several programs called DAP Software, so I’m not sure which one you are referring to.
hello,
thanks for that grate plugin!
I would love to know if there is a way to see which comments have been blocked on my blog http://ngurl.me/8-z
It is written under the comment field
276 Spam Comments Blocked so far by Spam Free WordPress
are that comments that tryed to be posted on my blog?
can i see them?
Thanks
Please follow this link for the answer to your question: http://ngurl.me/8-y
To know if Spam Free WordPress is operating properly, leave a comment yourself as a test.
I will have an a future release of the plugin that allows for the password message to appear on the comment form in your language.
I notice that you don’t have a “website” field that ties with a person’s name. I might be able to give that up as long as CommentLuv (the plugin) will still function with Spam Free WordPress. Do you know if CommentLuv is compatible or not?
Thanks.
Hello Richard,
Spam Free WordPress is compatible with all plugins, including CommentLuv. I only recommend disabling other anti-comment spam plugins while using Spam Free WordPress to prevent false positive spam matches.
Heh, looks like your 100% hit rate spam blocker isn’t so 100%, based on all the Ugg boots posts. I’m suffering from hundreds of these a day at the moment. -_-
I hoped this plugin would work, but obviously not! Ah well. Looks good otherwise mate.
Your problem is not comment spam then, it is pingback and trackback spam, which looks just like comment spam. Read the section at the bottom of this page called Pingbacks and Trackbacks, follow the directions, and download the plugin.
Spam Free WordPress is blocking 100% of your comment spam.
Hey Todd
What am I doing wrong with this theme. The other code is different, but tried using steps from your site and no go. the comment.php code for this theme is here: http://ngurl.me/8-w
Thanks Brett
Here’s the modified code: http://ngurl.me/8-v
Wonderful! feel free to contact me via e-mail for anything you need in translating issues!
best regards!
as per Joe, can you unsubscribe me, too, as the unsubscribe feature fails, as per described. Thanks
Done. :)
if you need an Italian localization for your plugin texts, i’ll be glad to help you… a small reward for your kindness in answering my questions.
Thank you Riccardo. I will need translation help in the next version.
Your email management system is not managing very well. I get notified of a new comment, click on the link to “manage subscriptions” and the link sends me another email with a link that goes right back to a page that emails me a link to manage subscriptions. It just keeps looping back and back to:
Manage subscriptions
To manage your subscriptions, please enter your email address here below. We will send you a message containing the link to access your personal management page.
So please remove me from your mailing list.
Thanks.
Wonderful! it works!
was it only the last two lines? (i didn’t dare to delete them)
I’ll let you know if it solves the spam problem!
thank you very much!!!
Tom,
I can’t get your subscription management to work o_O
Spam Free WordPress yes, but you are now spamming my mailbox ;) :P
Since you have answered my question, would you kindly delete me from the subscription to this post?
Thank you and regards :)
The plugin I’m using to subscribe to comments was written by someone else, and still has some bugs.
I have manually removed you from the list.
Thanks for your reply but it’ doesn’t work :( it says:
Parse error: syntax error, unexpected T_ENDIF in /…/wp-content/themes/picture-perfect/comments.php on line 63
that is the one that says “if you delete this the sky will fall on your head”
can you tell me what am I doing wrong?
Thanks
I have modified, and tested the comments.php code, to work without errors. Looks like I missed a line the first time around.
The correct code is here: http://ngurl.me/8-q
Hi, thanks for this plugin, unfortunately i can’t say if it useful or not for me because i’m having problems with my blog (wordpress 3.2.1 and theme “picture perfect”). i can’t see the password field in comment form (even if i’m logged out) and i can’t find the function comment_form(). So, before messing all up i’d like to know if is there a problem with the theme or am i doing something wrong?
thanks in advance.
Make a copy of your comments.php file, then replace all the code in the comments.php file with the “RAW Paste Data” code at the end of the page located here: http://ngurl.me/8-q