{"id":165,"date":"2008-07-17T02:27:59","date_gmt":"2008-07-17T07:27:59","guid":{"rendered":"http:\/\/www.jasonmorrison.net\/content\/?p=165"},"modified":"2008-07-21T15:37:28","modified_gmt":"2008-07-21T20:37:28","slug":"how-to-keep-spam-off-your-blog-bulletin-board-or-forum","status":"publish","type":"post","link":"http:\/\/www.jasonmorrison.net\/content\/2008\/how-to-keep-spam-off-your-blog-bulletin-board-or-forum\/","title":{"rendered":"How to keep spam off your blog, bulletin board, or forum"},"content":{"rendered":"

\"Columns<\/a> Spam, it’s not just for breakfast<\/a> and email anymore.\u00a0 Webspam is a huge problem – if you run a blog or a forum, you’re probably familiar with the gobs and gobs of gibberish being posted all over the web by spammers.<\/p>\n

This humble blog, which only gets a few hundred visitors per day, has had over 17,000 spam comments since I moved over to WordPress last year.\u00a0 Having your site inundated with comment spam can be just as big a headache as getting hacked<\/a>.\u00a0 No one wants to spend hours every day sorting the good posts from the bad.\u00a0 I’ve already written about how to totally clear out a spammed forum<\/a> and erase all traces of it’s reputation-marring existence, but the best solution is prevention.<\/p>\n

Here are some steps you can take to help prevent spam on your blog or forum.<\/p>\n

Keeping Spam off Your Blog<\/strong><\/p>\n

This section assumes you’re hosting your own blog and can add plugins and make configurartion changes, and my examples will be WordPress-heavy because I’m more familiar with WordPress.<\/p>\n

Option 1:\u00a0 Close or restrict comments.<\/strong> Most blogs give you some options to restrict who can comment on articles.\u00a0 In WordPress, you can require that users create accounts to comment under Settings -> General.\u00a0 This might not help too much since I’ve seen hundreds of automated user accounts created right alongside the spam.<\/p>\n

You can also require that comments are approved before they appear – in WordPress look under Settings -> Discussion.\u00a0 This will stop your blog from being graffitied without your knowledge but also requires manual effort.\u00a0 You can also disallow trackbacks and pingbacks, which are really cool in theory but a major avenue for automated spam.<\/p>\n

You can also shut down comments completely, or disable comments on old posts<\/a>.\u00a0 At that point you may be throwing the baby out with the bathwater, but it’s certainly effective.<\/p>\n

Option 2:\u00a0 Make sure commenters are real people with a captcha.<\/strong> Even if you’re not familiar with the term, you’re familiar with captchas.\u00a0 They’re the little widgets at the end of a form where you have to decipher some scrambled text from an image.\u00a0 Many blogs have captcha options built in, but if you’re looking for a captcha plugin be sure to balance usability with security.<\/p>\n

I’ve used the Did You Pass Math plugin<\/a> with some success.\u00a0 Jeff Atwood has used an extremely simple captcha<\/a> for years on his high-traffic blog.\u00a0 Recaptcha is a really cool project<\/a> that helps fight automatic posting and digitize old books at the same time.<\/p>\n

Option 3:\u00a0 Use an automatic filtering system.\u00a0<\/strong>If you’re using WordPress, I have three words for you:\u00a0 Akismet, Akismet, Akismet!<\/a> Seriously, Akismet is so good at automatically marking spammy commetns and trackbacks that it’s almost scary.\u00a0 If you’re not using WordPress, you may still be able to find an Akismet plugin for your blogging platform<\/a>.\u00a0 There are other systems worth trying as well such as Spam Karma<\/a> but I have less experience with those.<\/p>\n

Keeping Spam off Your Forum<\/strong><\/p>\n

Again, I’m assuming you are hosting the forum yourself or can otherwise make config changes.\u00a0 I’ll use phpBB (version 3) as an example because I’ve used it in the past.<\/p>\n

Option 1:\u00a0 Restrict user accounts.<\/strong> This can be a tough call, because when you start a forum you want to make it as easy as possible for people to join in the discussion.\u00a0 Unfortunately, allowing anyone to register and begin posting without any admin approval also opens the door for spammers.<\/p>\n

In phpBB this setting can be found in the Administration Control Panel under Board Configuration -> User Registration Settings.<\/p>\n

Option 2:\u00a0 Again with the captchas.<\/strong> Captchas aren’t 100 percent garanteed to remove spam but they do help.\u00a0 If your forum software doesn’t have a captcha or a captcha plugin, I would seriously consider upgrading to a version that does or switching forums completely.\u00a0 I know it’s a huge pain but waking up one morning to find 10,000 spam posts is even worse.<\/p>\n

In phpBB3 look under Board Configuration -> User Registration Settings for a setting called “Enable visual confirmation for registrations” and make sure it’s turned on.\u00a0 You can change the details under Board Configuration -> Visual confirmation settings.<\/p>\n

Option 3:\u00a0 Try to find an automatic filtering system.<\/strong> This is harder than for blogs.\u00a0 There was an Akismet phpBB mod but it’s apparently not being maintained.\u00a0 There’s a workaround involving the Spam Words mod that you can read about here<\/a>.\u00a0 The Spam Words mod<\/a> might be worth trying on it’s own too.\u00a0 Here’s a thread with more options for phpBB2<\/a>, search around and find what’s available for your forum software.<\/p>\n

Even without automated filtering, you can try to slow down the spammers by setting a time limit between posts (most human beings don’t type as quickly as spambots do).\u00a0 Other options, such as disallowing links and BBCode, are pretty drastic but might make your blog less enticing.<\/p>\n

Just for fun:<\/p>\n

Spam, spam, bacon, and Spam<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

Spam, it’s not just for breakfast and email anymore.\u00a0 Webspam is a huge problem – if you run a blog or a forum, you’re probably familiar with the gobs and gobs of gibberish being posted all over the web by spammers. This humble blog, which only gets a few hundred visitors per day, has had […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"categories":[19],"tags":[311,268,309,88,308,111,220,46,310,110],"class_list":["post-165","post","type-post","status-publish","format-standard","hentry","category-blog","tag-akismet","tag-blogging","tag-captchas","tag-how-to","tag-phpbb","tag-plugin","tag-spam","tag-web-development","tag-webspam","tag-wordpress"],"aioseo_notices":[],"_links":{"self":[{"href":"http:\/\/www.jasonmorrison.net\/content\/wp-json\/wp\/v2\/posts\/165","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.jasonmorrison.net\/content\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.jasonmorrison.net\/content\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.jasonmorrison.net\/content\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/www.jasonmorrison.net\/content\/wp-json\/wp\/v2\/comments?post=165"}],"version-history":[{"count":2,"href":"http:\/\/www.jasonmorrison.net\/content\/wp-json\/wp\/v2\/posts\/165\/revisions"}],"predecessor-version":[{"id":172,"href":"http:\/\/www.jasonmorrison.net\/content\/wp-json\/wp\/v2\/posts\/165\/revisions\/172"}],"wp:attachment":[{"href":"http:\/\/www.jasonmorrison.net\/content\/wp-json\/wp\/v2\/media?parent=165"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.jasonmorrison.net\/content\/wp-json\/wp\/v2\/categories?post=165"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.jasonmorrison.net\/content\/wp-json\/wp\/v2\/tags?post=165"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}