Solved: Still Getting WordPress Spam After Installing Disqus
One of the reasons I decided to try Disqus was to combat spam, which can be absolutely relentless. So I was rather surprised to see spammy comments showing up in WordPress even after Disqus was installed. These were not flagged by Akisimet, and they were just sitting there as pending WordPress comments, apparently ignored by Disqus.
What didn’t work
The first thing I tried was going into my .htaccess and blocking the IP address which was responsible for all of these comments. I know that’s a temporary fix at best, but I wanted to at least stop it while I figured out a longer-term solution. Much to my dismay, the next day there were new spam comments in WordPress – from the IP address I had blocked!
“Maybe I did it wrong,” I thought. So I tried blocking that same IP via Wordfence and then again in cPanel… but the spam comments continued in both cases.
I began poring over older “how-to” posts online, mostly from 2010 through 2012, trying to figure out how to combat this problem. Some writers listed the extreme step of deleting the wp-comments-post.php file, or including some cryptic code in the functions.php file (I tried that code – and it still didn’t work for me).
The Simple Fix
Eventually I realized that these spam comments were not comments at all. They were trackbacks/pingbacks that were formatted to look like comments. Typically, a pingback in WordPress […looks like this…], but these pingbacks just looked like regular comments.
So the fix here was twofold: Turn off pingbacks for future posts, and disable them for older posts.
In the case of turning them off for future posts, that’s easy. Just go into Settings->Discussion and un-check “Allow link notifications from other blogs (pingbacks and trackbacks).”
But what about older articles? For one of my websites, this would have meant going through, oh about two thousand old posts.
That wasn’t gonna happen.
Fortunately, however, there is a way to do this which is not terribly time-intensive. Thanks to this writer, I found that you can turn off pingbacks for older articles in bulk. The key is to set your “Screen Options” to show more than just 20 posts at a time. In my case, I chose 100 posts.
I was worried that bulk editing posts might mess something up, or re-date them, or yield some unwanted side effects. That is not the case. The only thing that will change is whatever you select when bulk editing these old posts. In this case, we are only changing the pingback feature, and nothing else will change about the article, such as tags, category, or date.
For my 2000 articles, this took about 20 screens of 100 posts to achieve. It took about 5 to 10 minutes.
If you’ve installed Disqus, but are still seeing spam comments in WordPress, there is a good chance you’re actually seeing pingbacks. Turning this off for past and future posts will likely plug this hole and end this headache once and for all.