WordPress Spam Protection Tutorial

Spam protection usually causes a lot of troubles to any website, no matter it based on WordPress, Joomla!, Magento or some other forum platform. Applying security measurements partially guarantees that the website will not be hacked. Of course wordpress spam protection is not just about the installation of a particular plugin, but it also keeping the application and its extensions always up-to-date.

WordPress Spam protection suggestions

A good WordPress spam protection includes several points to cover. Here are mine:

  • Make sure website and its plugins are updated.
  • Pay attention to wp-admin section section and either protect it with password or restrict the access to specifics IPs.
  • Protect any active forms, no matter comments or posts, with captcha feature.
  • Remove the plugins you do not need. I personally think that 5-6 plugins are enough for any WordPress. Building a website with 50+ plugins might be a very bad idea, because it is almost impossible to check and test each plugin for possible vulnerabilities.
  • Your access passwords such as FTP or the wp-admin panel password are strong. Using your pet’s  name as password is not a good option.

In this tutorial I will explain how to protect the forms on your website with captcha plugin. The process is actually easy, but I will provide detailed instructions to be sure the protection is applied successfully and no automated script will be able to post spam-like comments or register additional users.

How to install security plugins

Now let’s login to wp-admin section of your website and click Plugins button located on the left column of the panel. On the next screen click Add New and then type Captcha by BestWebSoft in the search field titled Search Plugins. The next step is install activate the plugins. Note this is randomly selected plugin that I tested and recommend as good one.

When the plugin is installed, click Settings as shown here and make sure that captcha is enabled for all possible forms.

WordPress spam protection

WordPress spam protection

Of course there are some paid options, but in this tutorial we will work with the free ones. At the bottom of the page you will find option to disable capctha for the registered users. I personally would recommend keeping it enabled. If the computer of the user is infected with virus, then the form will protect your website from spam comments. At the same page you will also find captcha adjustment options.

Spam protection basic settings

Spam protection basic settings

Advanced spam protection

As the basic options are set, we can proceed with the Advanced ones shown on this screen shot:

Spam protection - advanced options

Spam protection – advanced options

The image packages are selected by default and it is fine to leave them this way. You will see image enlargement option which can be checked for better user experience. The other option allows you to define captcha code entering time frame and notices upon typing incorrect code.

The other two sections allow you to whitelist particular IP address and add custom style for the main captcha class. If you are sure your computer is not infected with any virus, then you may whitelist your local IP address and skip captcha. The other option that allows you to insert a custom code is also interesting. Using it you can change the layout of the captcha class making it better looking.

WordPress Spam Protection tutorial - basic in advanced protection
Article Name
WordPress Spam Protection tutorial - basic in advanced protection
WordPress Spam Protection tutorial - basic in advanced protection using security plugins
Publisher Name

Do you want to share your opinion?

Your email address will not be published. Required fields are marked *


We are not industry specific. We are WordPress specific. We work with everyone to help them find solutions with their troubles.
If you show us the problem you are experiencing, we will show you how to fix it. It is that simple.

Reported WordPress issues

  1. mySQL Database tables have 2 different prefixes, giving me database connection issues
  2. Edit wordpress footer for Rara Business how?
  3. Sort results by proximity
  4. Search Engine in Website showing results from certain sites
  5. isotope jquery plugin filtered portfolio collapse the images on each other in mobile(html) and wordpress(on all media)
  6. Check if array has a certain integer value
  7. Wordpress, Ajax for returning bad request 400
  8. How to add contents in mycred_export header
  9. Buddypress Memebers area in blank in my live server
  10. Enforce Step Increments for Wholesale Suite Plugin

WordPress problems we are working on

  1. WordPress post_exists returning wrong value (timeout issue?)
  2. Wordpress Plugin codeing (auto category/tag/brand)
  3. Inconsistent background video playback with Google Chrome browser
  4. Register Rest Field For Repeater Custom Field
  5. Wordpress shows me a worng url and does not load a theme or css
  6. My WordPress Plugin only works for my computer
  7. Wordpress: not all posts showing when using cat filter
  8. How can i add default image sizes filter to get_first_image function?
  9. how sniff that send on my localhost by wordpress
  10. footable: removeClass not working for extended row

Resolved issues

  1. I can install new Wordpress plugins, but I can't update existing ones
  2. Changing WordPress website urls from localhost to something else
  3. two ajax responses in WP
  4. load-scripts.php: 500 (Internal Server Error)
  5. how to target a class in specific pages in wordpress
  6. How do you lock down what you want users to edit on WordPress?
  7. multiple wordpress in one server with nginx
  8. Remove the extra symbol “<>” in WordPress registration email
  9. Add to nav custom type posts WordPress
  10. http400 Bad Request from AJAX code for WordPress
wppotion - powered by persistence and passion