Comments can be useful on a website, but they’re also one of the easiest ways to create problems if you don’t configure them properly. I’ve worked on sites where comments added genuine discussion and engagement, and others where they turned into a constant stream of spam links and low-quality content.
On a fresh WordPress site, comments are often enabled by default. Many site owners don’t notice this until spam starts appearing or moderation becomes overwhelming. If you leave the default settings unchanged, you’ll likely spend more time cleaning up spam than getting value from real interactions.
Setting up comments properly from the start helps you control who can post, what gets published, and how much time you need to spend managing it.
Table of Contents
Quick Answer / Summary
To set up WordPress comments and prevent spam:
- Configure discussion settings in Settings → Discussion
- Require moderation for new comments
- Enable basic spam filters (keywords, links, blacklists)
- Use a trusted anti-spam plugin
- Decide whether comments should be enabled site-wide or only on specific content
Why This Matters
Comments affect more than just interaction. They impact:
- Site quality – Spam comments reduce trust and look unprofessional
- SEO – Low-quality or spammy links can hurt your site
- Time management – Poor settings lead to constant manual cleanup
In my experience, most small websites don’t need open comments everywhere. When comments are useful, they should be controlled and easy to manage—not something that creates extra work.
Step-by-Step Instructions
1. Open WordPress Discussion Settings
Go to:
- Dashboard → Settings → Discussion
This is where all global comment behavior is controlled.
2. Decide if Comments Should Be Enabled
At the top, you’ll see:
- “Allow people to submit comments on new posts”
If you want comments:
- Leave this enabled
If you don’t:
- Turn it off completely
You can still enable comments on individual posts later if needed.
3. Configure Basic Comment Rules
These settings control how users interact:
- Comment author must fill out name and email → Keep enabled
- Users must be registered and logged in to comment → Optional (reduces spam but also reduces engagement)
- Automatically close comments on older posts → Recommended for most sites
I usually enable auto-closing after 30–60 days unless the site depends on ongoing discussions.
4. Set Up Comment Moderation
Scroll to “Before a comment appears”:
- Enable “Comment must be manually approved”
- Enable “Comment author must have a previously approved comment”
This means:
- First-time commenters are reviewed
- Returning users are trusted (after approval)
This single step prevents most spam from going live.
5. Limit Links in Comments
Under moderation settings:
- Set “Hold a comment in the queue if it contains X links” → I usually set this to 1 or 2
Spam comments often include multiple links, so this catches them early.
6. Use Comment Blacklist Keywords
In the Disallowed Comment Keys section:
- Add common spam terms (e.g., gambling, adult content, suspicious domains)
This automatically blocks known bad patterns.
7. Install an Anti-Spam Plugin
Even with good settings, manual filtering isn’t enough long-term.
I usually recommend using a plugin like those available in the WordPress plugin directory:
- Spam filtering tools that automatically detect patterns
- CAPTCHA or challenge-based systems (optional)
Avoid overly aggressive tools that block real users. The goal is to reduce spam without harming usability.
8. Control Comments Per Post
You can override global settings:
- Edit a post
- Open the Discussion panel
- Enable or disable comments individually
This is useful for:
- Turning off comments on landing pages
- Allowing them on blog posts only
9. Moderate Comments Efficiently
Go to:
- Dashboard → Comments
Here you can:
- Approve legitimate comments
- Mark spam
- Delete unwanted content
Check this periodically instead of constantly reacting.
Practical Tips or Observations
In most sites I build, comments are not enabled everywhere. They’re usually limited to blog posts where discussion actually adds value.
A few patterns I’ve seen repeatedly:
- Sites with open comments and no moderation quickly fill with spam
- Manual moderation without filters becomes time-consuming
- Too many restrictions (like forced login) reduce real engagement
I usually recommend a balanced setup:
- Moderation enabled
- Basic spam filters active
- Comments open only where useful
Also, keep notifications manageable. WordPress can email you for every comment, which becomes overwhelming if traffic grows.
Common Mistakes
Leaving default settings unchanged
This is the most common issue. Default settings are too open for most sites.
Allowing comments without moderation
Spam will appear publicly almost immediately.
Using too many restrictive controls
Requiring login or complex verification can discourage real users.
Ignoring old posts
Older content often attracts spam. Closing comments after a period helps.
Not using any anti-spam tools
Manual moderation alone doesn’t scale.
When to Use This vs Alternatives
Comments are useful when:
- You run a blog where discussion adds value
- You want user feedback directly on posts
- Your content encourages questions or opinions
Comments may not be necessary when:
- Your site is focused on services or business pages
- You prefer contact forms for communication
- You don’t want ongoing moderation work
In many cases, a contact form or email-based interaction is easier to manage than open comments.
Conclusion
WordPress comments can either add value or create extra work, depending on how they’re set up. The key is to control them from the start—enable moderation, limit spam, and only allow comments where they make sense.
A simple, well-configured setup will keep your site clean, save time, and still allow real users to engage when it matters.
Etienne Basson works with website systems, SEO-driven site architecture, and technical implementation. He writes practical guides on building, structuring, and optimizing websites for long-term growth.