How to Stop Spam Links in WordPress Comments

Reading Time: 3 min, 2 sec

Spam comments are one of the most common headaches for WordPress site owners. Over the years, I have managed multiple websites, and automatic comments filled with random links are always a major issue. These comments not only make your site look unprofessional but can also negatively impact SEO and user experience.

In this guide, I will show you how to stop spam links in WordPress comments effectively, using both custom code and practical strategies I have personally used on client sites.

Why Spam Links in Comments Are Harmful

Most spam comments are posted by bots automatically. They often include links to low-quality or malicious websites. Even if these links do not directly harm your site, they can:

• Make your blog look spammy and unprofessional.
• Reduce user trust and engagement.
• Potentially affect your SEO if search engines detect spammy links.

By targeting comments that contain links, you can prevent a large portion of spam before it even reaches your moderation queue.

Method 1: Automatically Block Comments Containing Links

One of the easiest ways to stop spam links is to filter comment content before it is published. You can do this by adding a small snippet of code to your theme’s functions.php file or a site-specific plugin:

// Automatically block comments containing links
function block_spam_links_in_comments($approved, $commentdata) {
    $comment_content = $commentdata['comment_content'];

    if (preg_match('/https?:\/\/[^\s]+/', $comment_content)) {
        return 'spam'; // Send comment to spam folder
    }

    return $approved;
}
add_filter('pre_comment_approved', 'block_spam_links_in_comments', 10, 2);

How it works:

• The code checks each comment for http or https links.
• Any comment containing a link is automatically marked as spam.
• Comments without links are processed normally.

This simple solution stops most automated spam bots effectively.

Method 2: Block Comments from Known Spam Domains

Sometimes, you may want to block only specific spammy websites while allowing safe links. You can create a blacklist of domains:

function block_specific_spam_domains($approved, $commentdata) {
    $comment_content = $commentdata['comment_content'];
    $spam_domains = array('spamwebsite.com', 'badlink.net');

    foreach ($spam_domains as $domain) {
        if (stripos($comment_content, $domain) !== false) {
            return 'spam';
        }
    }

    return $approved;
}
add_filter('pre_comment_approved', 'block_specific_spam_domains', 10, 2);

With this approach, only comments containing links to blacklisted domains are blocked. Safe links from genuine users are still allowed.

Method 3: Remove URL field from Comment form

WordPress comment form also features a URL field. Most spammers exploit it. So, you can also think of removing URL field from WordPress comments form. I have arleady written a detailed guide on removing URL field from comments form.

Additional Anti-Spam Measures That Work

Blocking links is effective, but combining it with other strategies provides the best protection:

• Akismet Plugin: Automatically filters spam comments with high accuracy.
• Captcha or reCAPTCHA: Stops automated bots from posting comments entirely.
• Comment Moderation: Hold comments for review if they contain multiple links.
• Close Comments on Old Posts: Spammers often target older posts, so automatically closing comments on posts older than 30–60 days helps.

Note: Not all links are spam. Frequent commenters or registered users may include legitimate links. You can adjust your custom code to allow trusted users while blocking unknown users. This ensures your site remains secure without stifling genuine engagement.

Conclusion

Spam comments with links are a persistent problem, but they are manageable with the right approach. By filtering comment content, blacklisting spam domains, and using tools like Akismet and Captcha, you can keep your WordPress site clean and professional.

From my experience, a layered approach works best: automated filtering handles most spam, moderation catches unusual cases, and trusted users can still participate freely. Implementing these strategies will save time, reduce frustration, and protect your site’s credibility.