Tag Archive for: anti-spam

Giving your visitors a place to comment on content or in a forum on your site is a great way to encourage interaction and build a bond with potential customers. But, it can be a headache trying to keep any sort of open comment area clean from spammers, trolls, and other sorts of nogoodniks.

This creates two different problems. If visitors see your pages and blog posts are followed by nothing but spam and other types of website vandalism, they’re likely to think less of your brand and potentially move on to someone else. Additionally, you can even get penalized by search engines like Google if it detects an abundance of spam or malicious links or code on your site.

So what can you do to keep your forums and blog comments clean of those seeking to use the opportunity for their own ends without shutting it all down? Google recently offered a few tips to make sure the only comments and posts your visitors see are from real humans interested in building a valuable discussion around your brand and products:

  • Keep your forum software updated and patched. Take the time to keep your software up-to-date and pay special attention to important security updates. Spammers take advantage of security issues in older versions of blogs, bulletin boards, and other content management systems.
  • Add a CAPTCHA. CAPTCHAs require users to confirm that they are not robots in order to prove they’re a human being and not an automated script. One way to do this is to use a service like reCAPTCHA, Securimage and  Jcaptcha .
  • Block suspicious behavior. Many forums allow you to set time limits between posts, and you can often find plugins to look for excessive traffic from individual IP addresses or proxies and other activity more common to bots than human beings. For example, phpBB, Simple Machines, myBB, and many other forum platforms enable such configurations.
  • Check your forum’s top posters on a daily basis. If a user joined recently and has an excessive amount of posts, then you probably should review their profile and make sure that their posts and threads are not spammy.
  • Consider disabling some types of comments. For example, It’s a good practice to close some very old forum threads that are unlikely to get legitimate replies.
  • If you plan on not monitoring your forum going forward and users are no longer interacting with it, turning off posting completely may prevent spammers from abusing it.
  • Make good use of moderation capabilities. Consider enabling features in moderation that require users to have a certain reputation before links can be posted or where comments with links require moderation.
  • If possible, change your settings so that you disallow anonymous posting and make posts from new users require approval before they’re publicly visible.
  • Moderators, together with your friends/colleagues and some other trusted users can help you review and approve posts while spreading the workload. Keep an eye on your forum’s new users by looking on their posts and activities on your forum.
  • Consider blacklisting obviously spammy terms. Block obviously inappropriate comments with a blacklist of spammy terms (e.g. Illegal streaming or pharma related terms) . Add inappropriate and off-topic terms that are only used by spammers, learn from the spam posts that you often see on your forum or other forums. Built-in features or plugins can delete or mark comments as spam for you.
  • Use the “nofollow” attribute for links in the comment field. This will deter spammers from targeting your site. By default, many blogging sites (such as Blogger) automatically add this attribute to any posted comments.
  • Use automated systems to defend your site.  Comprehensive systems like Akismet, which has plugins for many blogs and forum systems are easy to install and do most of the work for you.


Source: Adriano Gasparri

Source: Adriano Gasparri

Spam is a pain in the butt, but we bloggers have to deal with it on a daily basis. WordPress is as bad about spam as any other CMS, but there are a variety of options to help weed out the spammy nuisance. The most popular plug-in is Akismet, which most WordPress bloggers already take advantage of, but it doesn’t do near as much as most of us would like.

Instead of relying on Akismet, it is best to have a multifaceted defense that helps keep spam of all sorts out of the picture. Cats Who Code recently shared a list of snippets and “hacks” all aimed specifically at erasing spam management from your WordPress responsibilities. I’m sharing the different ways you can deal with the spam issue that have been highlighted in their article, but if you want the code for a specific solution, they are all available on their blog.

One method involves targeting any and all comments with extra long urls. If you haven’t noticed, most spam comments come with super long urls, which make them easy targets once you know what you’re looking for. But, there is a code you can paste into your functions.php file that marks any comment with a url over 50 characters as spam.

Similarly, you may also notice that most legitimate commenters are perfectly happy to not include any url at all. They are there to join the conversation, not sell their own site after all. This means you can fight spam simply by removing the url field from your comment form. Some commenters won’t be too excited about the change, as it is nice to get an added boost to your site simply by sharing your expertise on other blogs, but most won’t be too hurt by the decision.

Spammers are very predictable, and the most common trick they use is targeting specific keywords. As such, creating a keyword blacklist that uses the most frequently targeted keywords for spam will allow you to mark any comments using a mess of the target keywords as spam. It is a more focused approach than those above, but it can also affect commenters who just happen to use important keywords in their responses.

You have many more options when it comes to fighting spam, but it is best to take a look at the spam you’ve already been dealing with, so that you will know exactly what you’re dealing with before you start blocking tons of comments for every spammy tactic. You don’t want to accidentally weed out legitimate commenters while you’re on your anti-spam war path.