There are several solutions which can be completed:
1. Make sure that your WordPress script is updated to the latest stable version. Detailed instructions regarding the WordPress update can be found on the corresponding tutorial page.
2. Install a captcha plugin. A good choice is the WordPress ReCaptcha plugin. Comprehensive instruction on how to install a WordPress plugin can be found here. Once activated, the plugin will prompt for the public and the private API keys. The visualized link will take you to the corresponding Google web site where you can get the API keys for free. Paste them in the corresponding fields and activate your ReCaptcha plugin for comments and users registrations.
3. WordPress comes with a preinstalled antispam solution – Akismet.
In order to use Akismet, you should have a WordPress API key.To receive a WordPress API key, you should register at the official WordPress website. The key will be included in your welcome mail.
If you already have a registration at WordPress.org, you can see your API key by visiting the WP dashboard.
To enable Akismet for your blog, follow the steps below:
STEP 1Go to your WordPress admin area > Plugins > Installed.
STEP 2Click Activate.
The Akismet plugin will be activated.
STEP 3Click “enter your WordPress.com API key” (you can also click Akismet Configuration in the Plugins section)
STEP 4Enter your WordPress API key.
STEP 5Click Update options>>.
STEP 6If you have entered a correct API key, it will be verified.
From now on your blog will be protected from spam by Akismet. You will be able to check the comments in your blog for spam, as well as manually mark comments as spam from the blog admin area > Comments.
You can also display on your blog’s front page how many spam posts have been stopped by Akismet. To show this information, you should add the Akismet widget to your sidebar. More information how to do this can be found in our article on how to add a widget to the WordPress sidebar.
4. Additionally, you can prevent the comments posted by visitors that come from suspicious and malicious IPs. This can be done using the WordPress Project Honey Pot plugin.