How to Stop Storing IP Address in WordPress Comments

After reading our article on how to allow anonymous comments, one of our readers asked us if it was possible to stop storing IP address in WordPress comments. Some site owners may want to do that to protect privacy of their users. In this article, we will show you how to stop storing IP address in WordPress comments.

Pros and Cons of Not Storing IP Address in WordPress Comments

By default, WordPress logs and stores IP addresses of users leaving comments on your website. These IP addresses are permanently stored in your database.

The reason for storing IP addresses with each comment is to help site owners combat with unwanted comments or spam. Plugins like Akismet can block comments from IP addresses known to be exploited by spammers.

Unless your users are using a VPN service, their real IP addresses can still be found in your site logs. Most WordPress hosting providers keep an access log of all visitors to your website for a limited period of time.

On the other hand by not storing IP address in WordPress comments, you can improve privacy of commenters on your website. They may feel more confident about expressing their opinions knowing that your site doesn’t store IP addresses with comments.

Method 1: Stop Storing IP Addresses in Comments with Plugin

This method is easier and recommended for new websites and beginners.

First thing you need to do is install and activate the Remove IP plugin. For more details, see our step by step guide on how to install a WordPress plugin.

Once activated, the plugin will replace user IP with 127.0.0.1, which is an IP address typically used by localhost.

The plugin will not delete IP addresses stored with older comments. If you have older comments with IP addresses stored with them, then you may want to delete those IP addresses as well. We will show you how to do that later in this article.

Method 2: Manually Stop Storing IP Addresses with WordPress Comments

If you are comfortable pasting code snippets in WordPress, then you should use this method instead.

Simply add this code to your theme’s functions.php file or a site-specific plugin.

function wpb_remove_commentsip( $comment_author_ip ) {
return '';
}
add_filter( 'pre_comment_user_ip', 'wpb_remove_commentsip' );

This is basically the same code used by the plugin we mentioned in the first method. However, instead of storing 127.0.0.1, it leaves the IP field blank.

Remove IP Address From Old Comments

Regardless of which method you use to stop storing comments IP, old comments on your WordPress site will always have IP addresses stored with them.

If you have old comments on your site, then you may want to remove IP addresses from those comments.

We will show you how to do that by running a MySQL query on your WordPress database. It is really important to make sure that you have the most recent WordPress database backup.

Next you need to login to your WordPress hosting control panel and look for phpMyAdmin.

Make sure that you have selected your WordPress database by clicking on the database name in the column on your left hand. After that you need to click on the SQL menu.

This will bring you a text area where you need to enter this query:

UPDATE 'wp_comments' SET 'comment_author_IP' = '';

Click on the Go button below the textarea to run your query. That’s all, it will remove all IP addresses stored with comments in WordPress database.

Note: if you have a custom WordPress database prefix, then please adjust the wp_comments to your custom table prefix.

We hope this article helped you learn how to stop storing IP address in WordPress comments. You may also want to see our guide on how to add ask me anything anonymously in WordPress.

If you liked this article, then please subscribe to our YouTube Channel for WordPress video tutorials. You can also find us on Twitter and Facebook.

The post How to Stop Storing IP Address in WordPress Comments appeared first on WPBeginner.

How to Stop Spam Registrations on your WordPress Membership Site

Do you want to stop spam registrations on your WordPress membership site? Spam registrations are a common nuisance for site owners who run membership sites or allow users to register on their website. In this article, we will show you how to stop spam registrations on your WordPress membership site.

Method 1: Stop Spam Registrations Using WPForms

This is the easiest and most efficient way to deal with spam registrations in WordPress.

WPForms is the most beginner friendly WordPress form builder. It comes with a User Registration addon that allows you to easily add user registration form to your site while effectively stopping spam registrations.

WPForms is a premium WordPress plugin. You will need Pro License to access user registration addon.

WPBeginner users can use this WPForms Coupon to get 10% Off on their purchase.

First thing you need to do is install and activate the WPForms plugin. For more details, see our step by step guide on how to install a WordPress plugin.

Upon activation, you need to visit WPForms » Settings page to verify your license key. You can get this key from your account on WPForms website.

After verification, you need to visit WPForms » Addons page. Scroll down to locate ‘User Registration Addon’.

You need to click on Install Addon button and then click on activate.

Next, you need to create a user registration form. Go to WPForms » Add New page. Provide a title for this form and then select user registration form template.

This will launch the Form Builder with user registration form template. You can edit the fields by clicking on them.

You can also drag and drop fields to rearrange them.

Next, you need to click on the settings panel. This is where you can configure form notifications, confirmation, and user registration settings.

Click on user registration tab to continue.

On this page, you can map the form fields to your WordPress user registration fields.

Scroll down and check the box next to ‘Enable User Activation’ option. This will reveal a drop down menu, where you can select the User activation method.

WPForms uses two creative ways to prevent spam registrations on a WordPress site. You can choose to send a verification email to each user, so that they can confirm their registration.

Alternately, you can require a site administrator to manually approve each registration on your WordPress site.

Choose the option that best suits your needs and click on the save button to store your form settings.

You can now add this form to any page on your WordPress site and then use that page as your user registration page.

Simply edit a page that you want to use as your user registration page. On the page edit screen, click on ‘Add Form’ button.

This will bring up a popup menu. Select user registration form you created from the drop down menu, and then click on add form button.

A shortcode for the user registration form will appear in the page editor. You can now save your page or publish it.

Visit your website to see your spam proof user registration form. Depending on your user activation settings, the plugin will either require users to verify their email address or an admin will have to manually approve each user registration on your site.

Method 2: Stop Spam Registrations with Stop Spammers Plugin

First thing you need to do is install and activate the Stop Spammers Spam Prevention plugin. For more details, see our step by step guide on how to install a WordPress plugin.

Once activated, Go to Stop Spammers » Protection Options. Stop Spammer Registrations is a powerful WordPress plugin which aggressively monitors your website for suspicious spam activity.

The default settings on this page will work for most websites. However, you can uncheck a few of them, if you feel lots of legitimate users are unable to login.

Don’t forget to click on the save changes button to store your settings.

The plugin uses a number of spam prevention techniques. It uses HTTP Referrer and Header requests to verify that a user is genuinely accessing your website.

It also checks against Akismet API for known spamming activity. The plugin also maintains a list of bad hosts known for tolerating spam activity and blocks them.

There is a small chance that sometimes this plugin would lock you out of admin area. If this happens, then simplest solution is to connect to your site through FTP and rename the plugin file from stop-spammer-registrations.php to stop-spammer-registrations.locked.

You can now access admin area of your site and WordPress will automatically deactivate the plugin for you.

Method 3: Stop Spam Registrations Using Sucuri

At WPBeginner, we use Sucuri to protect our website against spammers and other security threats.

Sucuri is a website security monitoring service. It blocks hackers, malicious requests, and spammers from accessing your site or injecting any malicious code.

See how Sucuri helped us block 450,000 WordPress attacks in 3 months.

We hope this article helped you stop spam registrations on your WordPress membership site. You may also want to see our guide on

If you liked this article, then please subscribe to our YouTube Channel for WordPress video tutorials. You can also find us on Twitter and Facebook.

The post How to Stop Spam Registrations on your WordPress Membership Site appeared first on WPBeginner.

Sick of WordPress Comment Spam? Five Ways to Stop It Today

alt="Sick of WordPress Comment Spam? Five Ways to Stop It Today" src="http://whsr.webrevenueinc1.netdna-cdn.com/wp-content/uploads/2014/11/spamstats-500x332_c.jpg" />

Spam! We all hate it, yet marketers continue to inundate the average with spam at every turn. You likely get spam emails, spam popups and, if you own a WordPress site, spam comments posted to your blog. While Akismet and other spam stoppers do a pretty good job of filtering out this annoying comments, they are still…well, annoying.

What exactly is comment spam? This is when a third party posts to your site and includes unwanted links or promotes a product without checking with you first. Spammers tend to use automated software, so they might try to post 100 times to your blog within a matter of minutes.

Comment Overload

I’ll admit that during my busy time of year I might not check my blog’s comment folders as often as I should. Still, it had only been about 30 days and when I liked in, I had over 6,500 comments in my spam folder. No problem. WordPress lets you delete them with a click of a button, right?

Normally that is true, but in this instance my database kept timing out before it could delete that massive amount of comments in bulk. Instead, I had to go in and manually select about 20 posts at a time and delete them. I repeated this about 100 times before my database would let me delete them en mass. Your experience may be different, depending on your web host and space on your server, etc.

Stopping Comment Spam

href="http://www.webhostingsecretrevealed.net/blog/wordpress-blog/sick-of-wordpress-comment-spam-five-ways-to-stop-it-today/attachment/akismet-2/" rel="attachment wp-att-11605">class="aligncenter size-full wp-image-11605" src="http://whsr.webrevenueinc1.netdna-cdn.com/wp-content/uploads/2014/11/akismet.png" alt="akismet" width="750" height="359" srcset="http://whsr.webrevenueinc1.netdna-cdn.com/wp-content/uploads/2014/11/akismet.png 750w, http://whsr.webrevenueinc1.netdna-cdn.com/wp-content/uploads/2014/11/akismet-300x143.png 300w" sizes="(max-width: 750px) 100vw, 750px" />Akismet

Fortunately, there are a number of ways you can stop these annoying spammers. I’ve already mentioned href="https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=1&cad=rja&uact=8&ved=0CCkQFjAA&url=http%3A%2F%2Fakismet.com%2F&ei=drl6VOnVCMq1sQT7gYLgCQ&usg=AFQjCNFyof5vbr5LBXyTSXRDcWbFVEfpcw&sig2=02SqNvA6W9yH9vHEByn0WA&bvm=bv.80642063,d.cWc" target="_blank">Akismet. Most WordPress installations come with this plugin already installed. You can set up a free account at Akismet to get what is called an API key. You then plug that key into the plugin on your WordPress dashboard and it will begin to filter comments that are posted and meet certain criteria such as:

• keyword triggers
• links within the post
• strange usernames
• rapid-fire comment posting

Akismet is free for personal sites or charges a very small monthly fee for business sites of . It is well worth the cost.

Discussion Settings

href="http://www.webhostingsecretrevealed.net/blog/wordpress-blog/sick-of-wordpress-comment-spam-five-ways-to-stop-it-today/attachment/discussion-settings/" rel="attachment wp-att-11606">class="aligncenter size-full wp-image-11606" src="http://whsr.webrevenueinc1.netdna-cdn.com/wp-content/uploads/2014/11/discussion-settings.png" alt="discussion settings" width="750" height="274" srcset="http://whsr.webrevenueinc1.netdna-cdn.com/wp-content/uploads/2014/11/discussion-settings.png 750w, http://whsr.webrevenueinc1.netdna-cdn.com/wp-content/uploads/2014/11/discussion-settings-300x109.png 300w" sizes="(max-width: 750px) 100vw, 750px" />WordPress offers you the ability to set up the way your site handles discussion. You can stop any spam comments that Akismet doesn’t capture with specific discussion settings. You can require that people register before posting (this might limit the number of comments you get on your site, though). You can also set it up so that if someone has a previously approved comment they can automatically post without waiting for moderation.

Here is the best thing to do if you find you’re being overwhelmed with spam comments on your WordPress site:

• Open your Dashboard and navigate to “Discussion” under the “Settings” tab.
• Under “Before a comment appears”, check the box next to “Comment author must have a previously approved comment”. Alternately, you can also set the site to force manual approval of all comments.
• Under, “Comment moderation”, you can set up the number of links you’ll allow in a post before it automatically goes to moderation. I have mine set to 2 links. I don’t mind someone sharing a high quality link or their own (non-spammy) link. You may choose zero or any number you desire.
• In addition, you can create a comment blacklist. A blacklist has a set selection of words or URLs that if the poster tries to link to them, the site will go into moderation.

Remove the Ability to Post URLs

href="http://www.webhostingsecretrevealed.net/blog/wordpress-blog/sick-of-wordpress-comment-spam-five-ways-to-stop-it-today/attachment/no-comments/" rel="attachment wp-att-11607">class="aligncenter size-full wp-image-11607" src="http://whsr.webrevenueinc1.netdna-cdn.com/wp-content/uploads/2014/11/no-comments.png" alt="no comments" width="750" height="277" srcset="http://whsr.webrevenueinc1.netdna-cdn.com/wp-content/uploads/2014/11/no-comments.png 750w, http://whsr.webrevenueinc1.netdna-cdn.com/wp-content/uploads/2014/11/no-comments-300x110.png 300w" sizes="(max-width: 750px) 100vw, 750px" />There are times when you may want to prevent anyone from even adding any type of link to your site. This is actually not a bad strategy because it gives you complete control over all links on your site. This can be done with the simple use of a plugin. Some of the plugins that work for this include:

• href="https://wordpress.org/plugins/no-comment-links/" target="_blank">No Comment Links
• href="https://wordpress.org/plugins/hide-wp-comment-author-link/" target="_blank">Hide Comment Author Link
• href="https://wordpress.org/plugins/disable-comments/" target="_blank">Disable Comments

reCAPTCHA

Another plugin that you’ll see utilized by a lot of sites is the href="https://wordpress.org/plugins/wp-recaptcha/" target="_blank">WP-reCAPTCHA plugin. This is a free service that requires users to type in the words they see to prove they are a real person and not a bot. Remember when I mentioned above that spammers can post hundreds of posts to your site in minutes? reCAPTCHA shuts them down because they are using software and it cannot read the words and type in the matching answers.

Disqus

href="http://www.webhostingsecretrevealed.net/blog/wordpress-blog/sick-of-wordpress-comment-spam-five-ways-to-stop-it-today/attachment/disqus/" rel="attachment wp-att-11608">class="aligncenter size-full wp-image-11608" src="http://whsr.webrevenueinc1.netdna-cdn.com/wp-content/uploads/2014/11/disqus.png" alt="disqus" width="750" height="369" srcset="http://whsr.webrevenueinc1.netdna-cdn.com/wp-content/uploads/2014/11/disqus.png 750w, http://whsr.webrevenueinc1.netdna-cdn.com/wp-content/uploads/2014/11/disqus-300x147.png 300w" sizes="(max-width: 750px) 100vw, 750px" />Another option is to use href="http://disqus.com" target="_blank">Disqus to manage the comments on your site instead of your ordinary WordPress built-in comments. This has a couple of advantages to website users.

Disqus is similar to Akismet in that it learns your preference on comments and will start to help you moderate over time. You can specify when comments need to be approved, if you allow links and you can also set up blacklists of words and links you absolutely will not allow.

Should You Worry About Comment Spam?

You may wonder if some of the links offer value to your readers and perhaps you should just leave them and not worry so much over comment spam. There are a number of reasons to remove this spam.

• Some readers absolutely hate spam and will not return to your site if you allow it.
• Search engines, such as Google, have begun to penalize spam and that includes sites that allow spam to be posted. Don’t risk it.
• It gives the appearance that you don’t really care who posts what on your site. If people see that you aren’t really moderating comments, they may not think through their responses. You may notice some flame wars starting on hot button topics. People may not be as polite as if they worry you won’t approve their comment.

Of course, the final choice is yours, but a well monitored site is a professional looking site.

Page 11 – Web Hosting Secret Revealed