Tutorial: Comments

Comments on your blog are great. When you start getting comments you blog appears busy and read. As a blogger, getting comments on your post is quite a reward. It makes you feel that your post is not only read by someone other than your Mum (hello Mum if you’re reading!) and also that you made enough of an impact to get the reader to leave a comment, whether it’s a question or an opinion. Comments also add to an already written post, so by allowing people to comment on your site, you’re getting extra content for your website.

WordPress’s comment system is pretty easy to use. You can set comments to be on or off by default under the Options – Discussion section. I tend to leave the default method which means that for every comment your site receives you’ll get an email sent to you with the content of the comment plus a link to the post it’s on, along with links to delete or edit the comment. Also, on the default settings, when a person comments on your site for the first time (the first time their email address has been used), their comment will be held for moderation, ie. it won’t be set live until you log in and allow it through. This is a good way to control your comments as this way any potential spammers are trapped as first time commenters and you can remove their posts. Once you’ve allowed someone to make a comment once, whenever they comment in the future their comment will automatically go live. You can still edit or remove their comment if you need to, however you won’t need to moderate their comments.

So, to run through the comment process in steps

  1. Someone comments on your blog for the first time
  2. Their comment is held for moderation and you receive an email which contains their details, their comment, a link to the post they’ve commented on and links to either allow the comment through or to edit or remove the comment.
  3. When you click the allow link it will take you to your WordPress admin. It may ask you to log in if it doesn’t remember you.
  4. You then get shown the comment and ask whether you want to allow it or not. If you do then click Yes.
  5. The comment then automatically displays under the post that the visitor commented on.
  6. If the same person makes a second comment on that or any other post, and uses the same email address, the comment is automatically allowed and added below the post.
  7. You’re sent an email with the comment details along with a link to edit or remove the comment.

If you’ve allowed a comment through by mistake, or need to edit a comment for whatever reason, then you can do this via the Comments section. On this page you can see all of comments made and there are links for each one to allow you to edit or remove the comment.

Also under Comments – Awaiting Moderation, you can see all comments waiting for moderation, and on this page you can moderate multiple comments in one go.

Combatting Spam

After a while your blog will get popular, with spambots if no one else! Once they pick up on your website, that it’s powered by WordPress and that comments are on the bots will start to try and get their spam onto your blog. This is because some people change the default settings under Options – Discussion to allow all comments, so spam will instantly get onto the blog (something I really don’t recommend you doing!). Whilst you’ve got comment moderation on for first time commenters, you’re sure to stop all spam, however after a while it can get annoying getting an email for every comment, it’s the same as receiving standard spam, except it’s also getting into your comment moderation queue too! I’ve also heard of blogs which have literally been spammed about 100 times a second and taken a server down, because for every comment made, an entry goes into the database and an email is sent. This happening too many times in a short space of time and the server will probably fall over. However, there are ways around this.

  1. To stop you from having to see the spam posts, you can add words to your filter under Options – Discussion. At the bottom is a box called Comment Blacklist, and here you can add lists of words that you want to automatically block and classify as spam. This automatically sets comments as spam and won’t email you about them, but it will still save them in your database.
  2. WordPress, by default, comes with Akismet, a plugin for controlling comment spam. To activate this, go to Plugins, find Akismet on the page and click on Activate. You’ll also need to register at WordPress.com to get yourself an API key (it’s free). Once you’ve got this key you can return to Plugins – Akismet, and enter your API key into the box provided. Akismet works off a central database and uses the information provided by all the WordPress blogs, and other sites, that use Akismet to improve its capability of catching spam by methods of words and email addresses. Unfortunately, at times, the wrong email addresses can get caught, but you can check over the spam trapped by Akismet under Comments – Akismet, allow the non-spam through and remove the rest from your database to save the spam clogging up your database. Again however, this still enters the spam comment into your database when it’s first made.
  3. There are other spam plugins such as Spam Karma that can also help. I won’t go into any other spam plugins as I don’t use any others besides Akismet, however there are plenty of plugins to try and find one suitable for your site.
  4. Another option is to only allow registered users to be able to comment. This means the user has to create an account on your WordPress site, they’ll receive their password by email, then they log into WordPress before they can comment. This used to be a suitable way to control spam however spam bots seem to be getting wise to this as I’ve read of people suffering from spam registrations too.
  5. My final suggestion, the most advanced but so far the most efficient, is to edit the filename of your comment script PHP file. Further details on how to do this is below. Why is this efficient? Because the spam bots are programmed to automatically post to the default file that processes the comment. By changing the filename the spambot will get a 404 error and not get much further. Whilst it’s not too hard to physically go to the website and find out the new filename, most spammers have these bots attacking 100s if not 1000s of websites and will hardly notice the bot getting 404s on a particular site. By using this method you’re not only cutting your emails down, you’re also stopping the comment from even entering the database. It won’t affect your human visitors as by using the correct route, your comments will still work like nothing has changed. The only downside to this method is that with each upgrade you need to remember to change the filename again, but it’s worth the difference for a couple of seconds of your time per upgrade. Since using this method, my comment spam has been cut from around 100 per day to no more than 10, and on other blogs I get 1 a week perhaps.

So, to carry out my final point you need to do two things. The first is to edit the filename in the root directory of your blog called wp-comments-post.php. Change this to something different eg. wpc123.php . Then you will need to open up the file called comments.php in your theme directory. Find the line that is

<form action="<?php echo get_option('siteurl'); ?>/wp-comments-post.php" method="post" id="commentform"></form>

Note: the id=”commentform” may or may not be there.

On this line, change the filename wp-comments-post.php to the filename you gave the actual file eg. wpc123.php Upload both files to ensure the changes are made on the server and then see the difference.

Comments are great on a blog. It’s nice to know who’s maybe reading your site, know that perhaps you’ve helped someone out, and possibly ‘meet’ someone who can help you out. Most of the sites I read and comment on were found via comments either on my own posts or comments on posts of other blogs I read. It’s a great way to connect sites and to also get a discussion on a particular subject going.

You may also like...