I saw a great question on Twitter this morning from Meredith Miller that immediately made me realize that the same question is probably being asked in a lot of companies.
I think it’s a great question because every company will be different, but for 99% of companies out there they probably feel safe blocking the common swear words. I’m not sure I would recommend that for a couple of reasons.
When you use the normal WordPress comment blacklist feature (under Settings -> Discussions -> Comment Blacklist) you enter either a word (or part of a word) or an IP address (or part of an IP address) and if the comment contains that string of characters then the entire comment gets marked as spam.
An easy example is the word “ass”. Sure nobody wants to be called a pain in the ass, or worse, but adding it to your blacklist means that any comment using the words association, passionate, passed or assumption gets flagged as spam.
WordPress blacklists should be monitored like every other part of your blog. It should grow organically and slowly as you see spammy comments. If you plan on being very involved with your blog and receive notifications when new comments appear you can probably stay on top of the spam that way.
For a personal blog, I say let it all in and deal with it. Business is different though. Most of the time, moderating blog comments is probably pretty low on the priority scale so having some type of strategy to deal with comment spam makes sense.
Akismet is a good start. It catches a fair amount of spam, but the spammers are always battling to leave better spammy comments. I usually also recommend the WordPress plugin Cookies for Comments. It requires that the visitor attempting to leave the comment have the ability to store a cookie – which the automated comment spam bots do not.
What about YOUR blacklist? Do you include names of the top executives, ex-employees, competitors?