In the majority of cases, post comments are a good indication that a site is generating quality content to a healthy and attentive audience.

Often referred to as user-generated content (UGC), comments are great for SEO as they provide sites with free qualitative content, longtail keywords, and can help boost signals across social platforms.

There are times, however, when comments can hinder a website, particularly when the examples submitted are nothing more than spam.

Often a spam comment will be styled like an advertisement, or it will contain a link towards a site that is unrelated to the topic at hand.

Why comment spam can be harmful

Although it’s easy to assume that comment spam cannot harm your site, there are a number of ways that it can damage search performance:

  • Comment spam is often low in quality and this level of content can have a direct effect on a site’s search performance.
  • Sites with high levels of spam can affect how users interact with the site and this can lower its reputation.
  • Sites receiving high levels of traffic from spam can lead to webmasters confusing traffic data — leading them to make inaccurate conclusions.
  • The spam itself could be malicious and lead to real harm for your users.
  • If Google suspects that your site is hosting large amounts of spam, it could remove the offending pages from its index.

With all the above taken into account, what measures are webmasters or site owners able to take so that they can moderate user-generated content?

Consider not enabling comments

Although user-generated comments can work well for some sites, if a webmaster is unable to moderate the content, or if it does not offer good user value, it could be worth disabling comments altogether.

On the other hand, if you feel that comments could be useful on some of your posts, but not on others, you can be selective over where comments are activated.

Turn on moderation

You can set comments so that they only become live once moderators approve them. Comment moderation allows for near-total control of what kind of comments are appearing on your site.

This can also improve experiences for users, especially when discussing controversial or trending topics.

The downside to moderation, however, is that if your site experiences high levels of traffic, you could spend long periods simply reviewing content.

Another option is to ask that users submit and verify their email address once they sign up with a new account; this will restrict spam bots from creating profiles.

The option is also available to ban outbound links or embedded videos or images.

Consider implementing reCAPTCHA

reCAPTCHA is a CAPTCHA-like system that is free to implement.

You can sign up to the latest version to deter spammers from using your site.

With version 3 of reCAPTCHA, webmasters are provided with scores that rate the suspiciousness of particular activities.

This allows site owners to set a threshold, combine the score with their personal signals, and use the reCAPTCHA signals to train machine learning to fight the spam.

According to Google, “reCAPTCHA v3 helps to protect your sites without user friction and gives you more power to decide what to do in risky situations.

As always, we are working every day to stay ahead of attackers and keep the Internet easy and safe to use (except for bots).”

chattering teeth, like comment spam

Use “nofollow” tags in comments

As I mentioned earlier, you can ban comments that contain links, but if for any reason you wish to keep this capability in your comments, you can introduce the “nofollow” html microformat.

This means that any link within a comment will not be used when Google calculates PageRank or when it is determining the relevancy of your pages.

Although easy to implement, it does not stop spam comments from being made on your site.

It will, however, act as a deterrence and prevent spammers from targeting your site.

Prevent untrusted content from getting indexed

If by chance your site allows users to create profile pages, you can also deter spammers by preventing new pages or untrusted content from getting indexed.

The noindex meta standard is one way to block access to pages.

Once a user is found to be legitimate, you can remove the noindexing restrictions.

Turn to the community

We strongly advise any site to have reporting tools built into its comment section, and by implementing such a feature, trusted users can flag spam comments or threads.

Some sites even choose a setting where a comment has to receive a specific number of reports until it is presented for inspection.

This allows for more time to investigate serious offences and let slip posts that are reported accidentally.

Monitor IP addresses

If you discover a spammy profile you can remove it and any others created from that IP address before permanently banning them.

You can do this by logging in to your FTP server and opening plain text editor.

You can use the following text to deny people from specific IP addresses:

# allow all except those indicated here

<Files *>

order allow,deny

allow from all

deny from

deny from .*example\.com.*


If for some reason you want to block unwanted visitors from specific websites — perhaps ones that spammers are using or promoting — you can use the following:

# block visitors referred from indicated domains

RewriteEngine on

RewriteCond %{HTTP_REFERER} baddomain01\.com [NC,OR]

RewriteCond %{HTTP_REFERER} baddomain02\.com [NC]

RewriteRule .* – [F]

Use Google Alerts

As an extra tool for detecting spam on your site you could use Google alerts for detecting commercial, offensive, or adult keywords that shouldn’t appear on your site.

In the least, it is also an option to ban select keywords considered offensive or inappropriate, although this might only result in spammers becoming more creative in their language.

This tool is also very useful for detecting hacked pages.