STEP BY STEP AND ILLUSTRATED: How to protect your WordPress blog by using Akismet
This is alarming to me because it is not just spam you want to protect against in your comments; it is a wide variety of creative ways to attack your blog, some of which leads to SQL injection (meaning the hacker tries to take control of your database and your content), cross-site-scripting traps (meaning the hacker tries to take control of your readers' browsers and through them, their computer and any identity information that's not encrypted or locked down), or even just straight viruses.
Of course you can just turn the comments in your blog completely off. But for many people this defeats the purpose of having a blog, and makes you miss out on many benefits of user-generated content.
For this reason I put together this little how-to guide, aimed squarely at true-blue non-tech WordPress newbies that genuinely think something like this is complicated. It's not! You just need someone to guide you through it.
Note: I spent a bit of time on this and I'm doing it to help new people avoid frustration and problems. During making this I had a lot of thoughts of how basic this is and had many doubts of whether this would really be useful to anybody... But I went ahead with it anyway just in case. I do ask then that IF you find it useful, please do press the Thanks button or leave me a reply so that I know my effort was worth it. Also if you know someone who might appreciate the step-by-step, very basic nature of this guide then please point them to this thread.
Getting And Activating The Plugin
First we're going to determine if you have the Akismet plugin installed and whether or not you need to update it. Make sure you are using WordPress 2.7 at the least! Preferably 2.8. If you are not upgraded, then do so before doing anything else.
We begin in our WordPress Dashboard, right after logging in. On the left, click the menu item that says "Plugins":
This takes you to your plugin page, where you can see a list of the plugins you have installed. Now, usually Akismet, because of its name, will be the first or second plugin on the list (it's alphabetized).
If you don't see any entry on the list that says "Akismet", then skip down to "If You Don't Have Akismet Installed".
Check the list entry for Akismet. If you have had your blog for a while, there's a good chance that your plugin is out of date. This is easy to correct: simply find and click on the bottom of the list item where it says Upgrade Automatically. If you don't see any upgrade link, then simply click the Activate link on the left.
If you had to upgrade, you'll see the following screen, in which you have the chance to Activate the plugin directly.
If you had the plugin installed and successfully activated it, you can skip forward to "Once The Plugin Is Activated".
If You Don't Have Akismet Installed
No problem! We can install it easily without ever leaving the WordPress admin panels. Simply go to the left and click on the menu item Add New, under Plugins:
This takes us to the Install Plugins page, where you can go to the search box and type in "akismet" then press Search Plugins.
As you can see, the first result is of course, the latest and greatest version of the Akismet plugin. Go ahead and press Install on the right.
You'll get a popup on a block background. Don't worry about anything here - Just ignore everything and press the big orange button on the top right.
If everything went fine, you'll see the following screen, where you get the chance to Activate the plugin right away.
Once The Plugin Is Activated
Once you install and activate your Akismet plguin you'll see the following screen:
Note that Akismet is not actually active yet! You need to get your personal WordPress.com API key. This is not as complicated as it sounds. I will cover this in the next post (because there is an image limit per post).
- Harry Behrens
- Harry Behrens