Many people associate spam with emails from deposed foreign dignitaries in dire need of help, but spam has evolved over the years. Today, it comes in many forms and can be found all over the internet.
What is spam and how can you prevent it from littering your website?
What is spam?
The Merriam-Webster definition of spam is “unsolicited, often harmful messages — including emails, pop-ups, online posts, or even phone text messages — that are sent to a large number of people or shared in a large number of places.”
People distribute spam with various intentions, including:
- Collecting or stealing money
- Collecting or stealing personal information
- Installing malware or viruses on computers
- Boosting website search engine rankings (using tactics against search engine algorithms)
According to the Google Webmaster Central Blog, Google noticed a 32 percent increase in hacked websites in 2016, along with a rise in websites affected by unwanted software and ad injectors. Spam is beginning to target mobile users, redirecting them away from the pages they’re trying to view.
Spam on WordPress.com
As an internet user, you may occasionally run into spam. As a website owner, there are even more factors that you need to be aware of. Several types of spam can make their way onto your site, including spam user registrations, backlinks (hyperlinks that direct back to your website), posts, contact form submissions, and most commonly, spam comments.
It’s important to combat spam on your website for many reasons, as visitors may question the integrity of your brand. This could cost you new fans and business.
Furthermore, spam can negatively affect your search engine ranking, according to KissMetrics. For instance, if your site has too many spam backlinks, Google and other search engines may penalize you, making it harder for people to find your content.
Anti-spam plugins for WordPress
The good news is that there are many tools available to help you combat spam on your WordPress website.
First, if your site is hosted on WordPress.com, you’ve covered: your site is automatically protected thanks to features baked into WordPress.com.
Self-hosted WordPress sites should install the free Jetpack plugin, which includes important security features like brute force attack prevention. For additional protection (such as spam filtering and malware scanning), you can upgrade to more comprehensive paid plans.
If you have a WordPress.com Business site, you can install additional security plugins to safeguard your website. One highly recommended option is Sucuri Security, which includes invaluable features such as post-hack security actions, remote malware scanning, and blacklist and file integrity monitoring.
Another comprehensive security measure is the All In One WP Security & Firewall plugin. This service provides user registration and login security, brute force login attack prevention, and comment spam security, amongst other security functions for your WordPress.com site.
Security best practices for WordPress.com
While plugins can go a long way in protecting your WordPress site, you should still follow standard security best practices. A few pertinent rules to follow are:
- Create a unique username — don’t just use “admin.”
- Use a complex, unique password with a combination of letters, numbers, and special characters.
- Add another layer of protection with two-factor authentication.
- If you have additional users on your site, grant them only the privileges they need.
- Regularly monitor your comments section for spam.
Keeping your website secure means keeping your fans safe from malicious content. This translates into ensuring that your fans come back to your site in the future.
ABOUT THE AUTHOR
Go WordPress 