In WordPress, you can choose how to moderate comments. I HIGHLY recommend that you moderate all comments!

If you have “Comment author must have a previously approved comment” selected in “Discussions” under Settings in the WordPress Admin dashboard, you’re exposing your blog to comment spam and links to malicious sites. If you feel that it is a hassle to moderate every comment, then you can set WordPress to notify you anytime a comment is held in moderation.

In your WordPress Admin area, go to Settings and click on Discussions. You should see “Discussion Settings” on your dashboard. Check the following boxes as pictured below.


By selecting these options, you will protect your blog from comment spam and links to malicious sites. You know the old saying: fool me once, shame on you; fool me twice, shame on me. It’s important to understand that once your blog becomes infected with links to bad sites (also called neighbors), you’re jeopardizing the reputation of your blog.
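To confirm from the command line that a site really holds every comment for approval and sends a notification, the following audit reads the relevant options with WP-CLI. It is an added example, not part of the original post; it assumes WP-CLI is installed, uses the WordPress core option names `comment_moderation`, `moderation_notify` and `comment_previously_approved` (called `comment_whitelist` before WordPress 5.5), and the install path is a placeholder.

```shell
#!/bin/sh
# Added example: audit the Discussion settings described above using WP-CLI.
# Usage (path is a placeholder): audit_moderation /var/www/html

# Print one option value; print nothing if the option does not exist.
get_opt() {
    wp option get "$2" --path="$1" 2>/dev/null || true
}

# Returns the number of findings (0 means every comment is moderated
# and the admin is notified when a comment is held).
audit_moderation() {
    wp_path=$1
    findings=0

    manual=$(get_opt "$wp_path" comment_moderation)
    notify=$(get_opt "$wp_path" moderation_notify)
    # The option was renamed in WordPress 5.5; fall back to the old name.
    prev=$(get_opt "$wp_path" comment_previously_approved)
    [ -n "$prev" ] || prev=$(get_opt "$wp_path" comment_whitelist)

    if [ "$manual" != "1" ]; then
        echo "FAIL: not every comment is held for manual approval"
        findings=$((findings + 1))
        # Only matters when manual approval is off: a commenter approved
        # once can then publish later comments with no review at all.
        if [ "$prev" = "1" ]; then
            echo "FAIL: previously approved authors bypass moderation"
            findings=$((findings + 1))
        fi
    fi

    if [ "$notify" != "1" ]; then
        echo "FAIL: no e-mail is sent when a comment is held for moderation"
        findings=$((findings + 1))
    fi

    if [ "$findings" -eq 0 ]; then
        echo "OK: all comments are moderated and notifications are on"
    fi
    return "$findings"
}
```

When manual approval is on, WordPress holds every comment regardless of the "previously approved" box, which is why the script reports that box only when manual approval is off.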

If your blog has the NoFollow attribute removed, you’re passing a vote to all external links on your site in Google’s eyes. It’s like being an accomplice to a crime, so to speak. You could get your site removed from Google’s index.

Here’s an example of a comment author that I approved, who came back and left a second comment with a link to a malicious site.

First Comment

Blog Post: Beware of Fake Swine Flu Emails
Comment: It’s a shame that people prey on other people during a time in which we are all vulnerable to this Flu. I just hope when they answer to god, they get what they deserve.

Second Comment

Blog Post: The Best Antivirus for Removing Malware
Comment: This is awesome, keep them coming! Again, very useful information.

I left out the actual URLs to prevent anyone from clicking on the links. The comment author had the same email and IP for both comments.

This person was able to get under my radar, pretty sneaky.