Preventing and Reducing Spam
Date: 19-11-2007 15:28 Views: 5918
Spam, or unsolicited comments, is a major drawback to running a site which allows user interaction. Blogs, forums and even content-driven sites suffer from automated scripts, or bots, which trawl the internet and abuse the user interaction capability of both bespoke and custom written software.
To date, MonkeyCMS is largely unaffected - on the sites we run directly, we've seen attempted spam registrations by the bucketload, but no-one has managed to get as far as posting unsolicited advertising on junk on any of our MonkeyCMS-powered sites.
However, that is not to say MonkeyCMS is immune - indeed, as it's popularity grows it will become more of a target and therefore one of our development aims has been to provide the tools you need to manage spam from an administration perspective. As long as there is money to be made, the spammers will continue to try their hardest to abuse the hard work that others have put into their own sites and therefore we wanted to make it as easy as possible to manage spam and abuse.
It should be noted that there are NO spam-proof applications or solutions that allow user comments and content - it's possible to use various techniques to tackle the problem, but none are foolproof. Any application that claims otherwise is not telling the whole truth. No method is 100% effective and often spam can only be caught at the last minute. Our philosophy in developing these portions of MonkeyCMS has been one of giving you the tools deal with spam when it happens, rather than prevent it altogether.
Traditional Spam-Prevention Measures
The most common spam-prevention measure used in the past is the 'Captcha' image - a small string of text displayed in an image using various masking techniques to make the text non-machine readable. The user would be asked to enter the text in order to register or use certain facilities of a site.
For a time, 'Captcha' images were quite successful in reducing spam, but unfortunately more sophisticated 'bots' have become common and 'Captcha' images are now more of a hinderance to genuine users than they are to spammers.
MonkeyCMS DOES support Captcha images for registrations - but we don't feel they are at all effective and by default, this is disabled. If you would like to enable 'Captcha's', all you need to do is ensure you are running on a server capable of using 'GD' image functions and turn on the 'Use GD' option in the Site Settings area of the control panel. We would not recommend the use of Captcha images as we feel they are off-putting and a hinderance.
User Moderation
Another method of controlling rogue registrations is to turn on user moderation, thereby requiring every user to go through a vetting process before they can post comments on your site. This is pretty time-consuming, but it does enable you to spot most duff registrations by means of their email address or username.
Some users will make it through the moderation process, so you may find that the benefits this method of spam prevention offers are outweighed by the time it takes to check users, particularly on a busy site.
To turn on User Moderation, set 'Moderate Users' in the Site Settings screen to 'Yes'.
As of Version 1.1.0, there is a quick link to users requiring moderation on the Admin Control Panel for your site for users who have the 'Site User Admin' permission.
Banned Email Addresses
One effective method of reducing spammers is to block registrations from people in certain top-level domains. Russian email addresses are a sure sign of a spammer, so you could set .ru to be a blocked domain. Of course this does prevent users who have a genuine .ru address from registering, but for most western websites this isn't a problem.
To ban email addresses, go to Users > Site Users > Access Restrictions > Banned Email Addresses
Moderating Comments
This is our favourite method of preventing spam - it is 100% effective and only requires minimal time from an administrator. You can turn on moderation for comments which prevents any comments from appearing on your site without you checking them first. This may become a bore if you have many users and expect many comments, so we also offer the option to only vet the first x comments a user posts. Thereby moderating new user comments and allowing trusted users to post unhindered.
This is the most basic of the comment moderation facilities offered by MonkeyCMS and you can enable these features in the Site Settings screen by setting 'Moderate Comments' to 'Yes' and selecting the number of posts a user has to make before they are trusted from the 'Moderate First X Coments' drop down.
Flagged Word Moderation
This option takes comment moderation a step further - it allows you to specify 'Flagged' or trigger words which force a post to be placed into the moderation queue. You might find that moderating every users first five posts to be overkill, and this option allows you to specify a list of words that would trigger the moderation process. By default the two main words are 'url=' and 'href' - these are often used by spammers trying to create clickable links within their comments to external sites. By flagging these words as an issue, any comment posted containing them would require your intervention before they appear.
Again, you might find that for trusted users this is unneccessary and you can therefore again restrict these checks to the first few posts a new user makes.
To make use of this facility, you can turn the main Moderate Comments option off and instead set 'Moderate Flagged Words' to 'Yes'.
To modify the flagged word list navigate to Content > Comments > Flagged Words
Moderating a specific user's posts
If you have a particular user who is causing trouble or you feel may be a potential spammer, you can even just moderate their posts. This means that you can vet everything they post on your site before it appears and all other users are unaffected.
To turn this option on, find the user by going to Users > Site Users > View/Edit Site User and from their profile set the 'Moderate Comments?' radio button to yes.
Viewing and Moderating Unmoderated Comments
Admin users can moderate comments at any time by navigating to Content > Comments > Moderate Comments.
You will be shown a list of all unmoderated comments and you can choose to approve, ignore or delete any or all of them.
You can also opt to ban any user and delete all of their posts if they are an obvious spammer or troublemaker.
To date, MonkeyCMS is largely unaffected - on the sites we run directly, we've seen attempted spam registrations by the bucketload, but no-one has managed to get as far as posting unsolicited advertising on junk on any of our MonkeyCMS-powered sites.
However, that is not to say MonkeyCMS is immune - indeed, as it's popularity grows it will become more of a target and therefore one of our development aims has been to provide the tools you need to manage spam from an administration perspective. As long as there is money to be made, the spammers will continue to try their hardest to abuse the hard work that others have put into their own sites and therefore we wanted to make it as easy as possible to manage spam and abuse.
It should be noted that there are NO spam-proof applications or solutions that allow user comments and content - it's possible to use various techniques to tackle the problem, but none are foolproof. Any application that claims otherwise is not telling the whole truth. No method is 100% effective and often spam can only be caught at the last minute. Our philosophy in developing these portions of MonkeyCMS has been one of giving you the tools deal with spam when it happens, rather than prevent it altogether.
Traditional Spam-Prevention Measures
The most common spam-prevention measure used in the past is the 'Captcha' image - a small string of text displayed in an image using various masking techniques to make the text non-machine readable. The user would be asked to enter the text in order to register or use certain facilities of a site.
For a time, 'Captcha' images were quite successful in reducing spam, but unfortunately more sophisticated 'bots' have become common and 'Captcha' images are now more of a hinderance to genuine users than they are to spammers.
MonkeyCMS DOES support Captcha images for registrations - but we don't feel they are at all effective and by default, this is disabled. If you would like to enable 'Captcha's', all you need to do is ensure you are running on a server capable of using 'GD' image functions and turn on the 'Use GD' option in the Site Settings area of the control panel. We would not recommend the use of Captcha images as we feel they are off-putting and a hinderance.
User Moderation
Another method of controlling rogue registrations is to turn on user moderation, thereby requiring every user to go through a vetting process before they can post comments on your site. This is pretty time-consuming, but it does enable you to spot most duff registrations by means of their email address or username.
Some users will make it through the moderation process, so you may find that the benefits this method of spam prevention offers are outweighed by the time it takes to check users, particularly on a busy site.
To turn on User Moderation, set 'Moderate Users' in the Site Settings screen to 'Yes'.
As of Version 1.1.0, there is a quick link to users requiring moderation on the Admin Control Panel for your site for users who have the 'Site User Admin' permission.
Banned Email Addresses
One effective method of reducing spammers is to block registrations from people in certain top-level domains. Russian email addresses are a sure sign of a spammer, so you could set .ru to be a blocked domain. Of course this does prevent users who have a genuine .ru address from registering, but for most western websites this isn't a problem.
To ban email addresses, go to Users > Site Users > Access Restrictions > Banned Email Addresses
Moderating Comments
This is our favourite method of preventing spam - it is 100% effective and only requires minimal time from an administrator. You can turn on moderation for comments which prevents any comments from appearing on your site without you checking them first. This may become a bore if you have many users and expect many comments, so we also offer the option to only vet the first x comments a user posts. Thereby moderating new user comments and allowing trusted users to post unhindered.
This is the most basic of the comment moderation facilities offered by MonkeyCMS and you can enable these features in the Site Settings screen by setting 'Moderate Comments' to 'Yes' and selecting the number of posts a user has to make before they are trusted from the 'Moderate First X Coments' drop down.
Flagged Word Moderation
Again, you might find that for trusted users this is unneccessary and you can therefore again restrict these checks to the first few posts a new user makes.
To make use of this facility, you can turn the main Moderate Comments option off and instead set 'Moderate Flagged Words' to 'Yes'.
To modify the flagged word list navigate to Content > Comments > Flagged Words
Moderating a specific user's posts
If you have a particular user who is causing trouble or you feel may be a potential spammer, you can even just moderate their posts. This means that you can vet everything they post on your site before it appears and all other users are unaffected.
To turn this option on, find the user by going to Users > Site Users > View/Edit Site User and from their profile set the 'Moderate Comments?' radio button to yes.
Viewing and Moderating Unmoderated Comments
Admin users can moderate comments at any time by navigating to Content > Comments > Moderate Comments.
You will be shown a list of all unmoderated comments and you can choose to approve, ignore or delete any or all of them.
You can also opt to ban any user and delete all of their posts if they are an obvious spammer or troublemaker.