WordPress Because of its popularity, there are some risks involved. Since so many users are using WordPress, there should be no shortage of victims if they can attack this platform. Hackers have been following WordPress with such thoughts. But with regular updates and a little security, you can keep your WordPress site safe.
We will talk about spamming in today’s post. Spamming usually means a lot of unsolicited / fake email messages, but there is a simple definition. Simply put, spamming is an unwanted activity that may be done for the spammer’s profit (even for peace of mind!) But causes annoyance or harm to the other party. Uploading photos to Facebook all day and tagging others in it is also a form of spamming.
But WordPress The level of spamming on blogs is even wider. Normally your WP site may be spamming as follows:
- 1. Spam contact messages
- 2. Spam comments
- 3. Spam user registration
- 4. Spam article posting
Let’s talk a little more about these and discuss possible ways to prevent them.
1. Spam contact messages
All types of websites have a section called “Contact Us” or “Contact Us”. Some put it in contact form where visitors can give feedback with name, email address, message subject. This contact form can be a gateway to spamming unless security measures are taken. If you set the contact form, captcha verification system can be kept in it. Because the automatic system (bot) is somewhat incapable of verifying the captcha. However, spamming is currently being avoided without captcha. So if you have captcha, the day of sleeping with oil on the nose is over. If the image captcha doesn’t work, math captcha can be tried. If that doesn’t work, make arrangements with the plugin to block the message if the email address is not correct. After all, the best thing to do is to send a feedback to a confirmation link in the visitor’s mail, and then click on it to get the message to the site admin.
What? Feeling tough? People do everything for security. And you can’t do that for your favorite site?
Well, let’s say another easy way. You do not need to use the contact form unless you can take appropriate anti-spamming measures. Instead, offer customers an email address at your convenience via plain text or image. Anyone who needs it will mail it.
2. Spam comments
Comment spamming is another horrible name. But with a little ingenuity, you can prevent this. Many WordPress blogs keep comments open to everyone. In this case, you can post a comment by submitting an email address and name. But this process is more likely to increase the rate of spamming. For this you can take capture help as extra security.
Besides WordPress Built-in options also come in handy. There are several rules to choose from in the discussion settings of WordPress. The matter should be clear as soon as you see the screenshot below.
And if you want, you can choose third party comment system like Discus, Facebook Comment, WordPress Comment etc.
3. Spam user registration
There is a WordPress site but you can’t hear the name of the spam user registration. As you may have noticed in your blog, sometimes member registration is done with strange usernames and email addresses. You may also be less likely to have visitors to the countries where the IPs are showing. On top of that these members stay only till registration. No need to edit profile. As soon as you find such a diverse member, you will assume that spam registration has started on the site. You may be thinking, “What is the harm in increasing the membership? They don’t want rice and clothes from me anymore! ”; But these members can become a threat to the security of your site. In some cases, they even manage to get admin access.
So, how to prevent spam user registration?
If you don’t know coding, you will get many plugins from WordPress.org site. But some of them are quite complex. Some of these configurations may even ban your actual visitors. Better WP Security, WordFence Security These plugins use some default IP blacklist techniques. You can use them. But that’s not enough. It is also possible to prevent it with the help of Captcha plugin in the market. But nowadays bots are capable of captcha cracking!
In my personal experience, spammer bots usually register members by attaching a registration link directly to the site address. For example, if your site address is www.example.com, then its registration address in WordPress will be www.example.com/wp-login.php?action=register. Bots do this by adding this extra part directly to the domain. Now your goal is to change the default register URL. This is also known as “hiding backend”.
Better WP Security The backend can be hidden through the plugin. However, such an option of another plugin seemed easy to me. ‘Total SecurityUsing the Hide “wp-login.php” and “wp-admin” folder ‘options of the plugin, it is possible to block spammers instantly (tested); In this case, first you have to fix a “secret key”. After saving it, the default login, registration and password recovery URL of your site will be changed. As a result, the registration attempt by the bot at the old address will fail. And if you use a third party commenting system, it is a good idea to turn off the member registration option of the site.
4. Spam article posting
Spam articles are posted by members of your site. I think the manual method is the most effective to remove these. Poster’s account can be suspended or IP ban can be taken if necessary after deleting the first contradictory articles. And it is better to set a special rule / filter through settings, coding or plugin.
WordPress Like there could be more multidimensional spamming on a platform so extensive. There are many ways to prevent / cure these. I have tried to highlight only a few in this post. Everyone will benefit if you share your views and experiences through comments. Thanks.
[★★] Want to write about technology? Now one Technician Open an account and post about science and technology! fulcrumy.com Create a new account by visiting. Become a great technician!