Killing WordPress Comment Spam for Fun and Profit

I recently had to “reboot” this blog as I had to remove it from a wordpress-multisite installation and serve it as a standalone instance. By the way, if you’re starting a new WordPress project, avoid multisite installations like the plague, they really don’t work well and are an expensive pain to spin off, as the plugins that actually work for multisite installations are typically much more expensive than the (often free) ones that do not require that capability.

This aside, one of the big problems you will come up against when administering a “default” wordpress installation is comment spam. Basically you will see hundreds of comments on your posts pile up, but when you actually have a look at those comments you will quickly realize that almost all of them will be essentially from bots that attempt to spam your posts with links. But you can avoid this with a few very simple steps that will stop the spammers dead in their tracks.

WordPress Settings

The relevant settings can be found by logging into your WordPress instance as an administrator, then from the Dashboard going to Settings > Discussion.

Default post settings

The first thing to do is decide whether you want to allow comments on your posts at all. It’s not as obvious as thing as it might seem. If you try to measure engagement by relevant comments on WordPress, you will likely be very disappointed. A much better measure of engagement is how much discussion you can generate on social media sites on which you share your posts. So, the easiest way to cut down on spam is to disable comments entirely by unselecting the checkbox next to Allow people to submit comments on new posts and skipping the rest of this article.

Other comment settings

If you do allow comments, the most effective way to cut down on the amount of spam is to select Users must be registered and logged in to comment in this section. Spammers are just not going to go through the trouble of registering as a user and will just skip your site, which is the best scenario.

Before a comment appears

Unless you expect that your blog will be a particularly busy one in terms of users comments — and in 2026 that is not a very likely eventuality — make sure to select both the Comment must be manually approved and Comment author must have a previously approved comment options. These will make sure that spam comments do not appear under your posts by default. I believe that those are the default settings in WordPress, but you’ll want to double-check.

Comment Moderation

At this point your installation is already pretty secured, but to “bulletproof” things you should change the Hold a comment in the queue if it contains X or more links option to 1 instead of the default 2.

Conclusion

Just adjusting your WordPress settings in the ways described above should cut down the spam submitted to your site by 99%. Sure, having a large number of comments on posts may seem encouraging if you’re starting a new project, but what you really want is engagement, not people using your site to advertise (mostly) porn and other questionable sites. And in my experience the engagement will actually come from the forums and social media sites on which your share your posts, and not those left on your site.

Thanks for attending my TED talk…

On Homelessness in Montreal

Here’s something I posted this past week on reddit but I feel it really needs to be reposted here.

I live next to the Palais des Congres, basically ground zero for homelessness in Montreal because it’s a public space so unless someone gets violent or annoying to the public they’re left in peace. For the most part the homeless don’t bother the residents, and vice-versa.

But it’s really depressing. Once you see someone new hang out here, you get to see them grow old really quickly. The general population thinks that “they messed up their lives with drugs”, which is true in some cases, but in most cases it’s the reverse — imagine that you have nothing to do all day (who’s going to hire the homeless?) and nowhere private to go to, ever. Well then, drugs quickly become the cheapest ticket to feeling good, no matter in how limited a capacity. They don’t have any “entertainment options”. Even assuming that a lot of them go to the Old Brewery Mission at night, the mission closes during the day, so they come right back. There are 2-3 distinct groups, overall they seem to respect each other’s “turf”.

Thing is, the general population — “normies” — really have no idea how close they are to being in this situation themselves. Yeah, we all dream of being millionaires or whatever, but we’re all infinitely closer to being out in the street than we are to owning a big yacht. One illness, one screw-up at work, one mistake in behavior, and that can be it. Much as people like to lie to themselves about this type of utter destitution being due to moral failings, unless you’re born into old money you’re probably teetering on the edge of that existence.

Yes, there are government programs. But we need to recognize that every year those programs are less funded than the previous year. Since the 1970s the percentage of the tax burden assumed by corporations and rich people has been on a steady decline, and that of “normies” has been rising. That started in the USA, but Canada quickly followed suit, because “we must be competitive”.

Well, “being competitive” sounds great as long as you’re on the side of the “winners”. But it necessarily also means that every year, there are more and more people on the “losing” side of the equation. It’s a sad reality.

That’s capitalism for ya.

On the usefulness of AI…

Today I gave AI a chance. It didn’t go well.

It’s not the first time I give it a shot. In previous attempts I have found that AI, in that case CoPilot, is OK at coding, as long as you personally figure out the exact algorithm you want to turn into a python script and tell the bot exactly what you want it to do step by step. So I’m not necessarily opposed to the technology altogether.

However today I tried to get the Claude bot to translate a document that was maybe half a page long. I sat there and after a while thought “well this is taking a while”. But I was patient. And after several minutes, voila! I got a message that I was “out of messages”.

And even worse, there was seemingly no way for me to save the prerequisites and strategy for the translation so that the next time I have to deal with the same situation, Claude wouldn’t have to do all this extra processing.

The source and target languages are very common. The file format was very common. The amount of text was frankly trivial. And I have nothing to show for all this. At least if a human was working on this I would have had at least a partial translation.

Words fail me in expressing how much of a disappointment this whole experiment turned out to be. This is why companies are spending hundreds of billions of dollars? This is the “future of work”? This is why it’s practically impossible to find a job in the software industry these days?

What a sh*t show.