That annoying human spammers - Simple Solution for Spam in Drupal
Last couple of months we started to notice spam comments on our site. We have installed image captcha but obviously there are more and more human persons whose job is to manually spam sites.
We quickly created couple of triggers and actions that are sending emails and notify us when a new comment is created. Then we would manually check that comment and if it is a spam (>95% chance) we would put it into moderation.
Not a perfect process (and quite boring too) but it worked for us relatively OK. Spam gradually increased on our site - we started to get 2-3 human spam comments every day but we are always very busy with other projects... so we kept the non-perfect but working system.
Until one day we notice that we have about 20 spam comments that are laying around in our site and that were posted in the last month or so. Pfffft.... After quick investigation we figured out that our actions are disconnected from our triggers - who knows why, maybe some upgrade went wrong or somebody clicked in a bad place in a hurry...
We quickly reconnected actions and triggers but it was obvious to me that we should find a better solution. There are very advanced Drupal modules for spam out there like mollom... but they are all big and complex and I really wanted something dead simple.
So I started to investigate the situation and quickly figure the fundamental flaw of every spam - every spam needs to have at least one link that is leading to some spammer site. If somebody really wants to write a real comment on our blogs, he/she will maybe put some links inside, but a spammer will always put at least one link.
After 2h I had a module called spam_watchdog that is addressing this specific issue. This module will check newly added comments. If a link has been found in the comment, the module will put that comment in moderation and send a notification to site admin.
After 10 days of using it on our site we finally have perfect solution (or at least we have it for now ;) . spam_watchdog automatically moderates all comments with links. First 2-3 days of using we had 2-3 human spam comments per day. After that, they started to loose interest for our site (they are still trying, but there is nothing we can program against stubbornness ;-) . Now we have about one or two attempt of human spamming per week.
And this is exactly the solution I wanted to have: dead simple to install, just enable the module and forget about it. Combined with image captcha we eliminated the spam on our site (at least for now).
I am also attaching spam_watchdog module, maybe somebody else will find it useful.
| Attachment | Size |
|---|---|
| spam_watchdog-6.x-0.1-dev.zip | 8.42 KB |
tags
Recent blog posts
- Multivariate D7 Demo for drupalbusiness.org
- UPDATE: Community & marketing: identify focus groups based on site visitors pattern & web browsers
- How to install PECL PHP extension on 64bit linux while you are using 32bit XAMPP
- 500 internal server error while uploading files bigger then 100kb - mod_fcgid problem
- New stable releases of captcha_after module for Drupal: 6.x-1.2 and 7.x-1.0
- Drupal 7 is out!
- 'E-gov & Drupal: A love story' e-gov barcamp presentation
- www.montenasoft.at is online
- CAPTCHA AFTER module released!
- Drupalcamp Timisoara/Romania
Recent comments
- quality writing skill
2 days 23 hours ago - Thank You :)
1 week 18 hours ago - ZFArTENAvQjeXVKuf
2 weeks 3 days ago - npKzWCOFnw
2 weeks 3 days ago - PBXnrIODXBnl
2 weeks 5 days ago - respond this post
3 weeks 4 days ago - Thank you!
7 weeks 3 days ago - mZmHMGnZEkq
8 weeks 5 days ago - rAvPklxpSI
8 weeks 6 days ago - ffYUpoNkqzsoSvl
9 weeks 2 hours ago
Contact
MontenaSoft e.U.
A-1030 Vienna, Austria office@montenasoft.com
www.montenasoft.com
tel: +43 (0) 699 19084898
fax: +43 (0) 1 91 6789 5
Comments
hi Zeljko, thanks for the
hi Zeljko,
thanks for the t-shirt.
I see drupal is expanding in Ireland
groups.drupal.org/ireland
R
Human SPAM?
I've been receiving human-like SPAM these last days. It looks "quite human", but they're bots, and I found a way to stop almost all of them. Yesterday I received 52 SPAM attempts, but I developed a method that is working fine more than 95% of the times. This is acceptable with 50 attempts a day, but what if I become popular and receive, say, 500 attempts?
Therefore, I accept suggestions to improve my method. Please have a look at it.
http://www.isegura.es/blog/stop-spam-your-site-being-invisible-honeytrap...
good for spam boots
Hi Ignacio,
I have checked your code and logic - its perfectly OK for automated spam boots and it will probably work very well.
However on our site, because we are using image captcha protection form, we do not have problem with spam bots. But we have a problem with human spammers - and for human spammers your solution will probably not work very well.
There will be spam...
until google changes it's pagerank algorithm. There are too many programms on the market to search for high ranked pages with automated text fill in. The only thing a human has to do is fill out the captcha form, and that's done in a few seconds.
I would to thank Ignacio
I would to thank Ignacio Segura for his comment. Really helpful thnx.
There will be spam...
In response to nemag, maybe it's not Google's PR algorithm that should change but their SERP ranking algorithm. PR doesn't drive that much revenue to a website anymore but SERP rankings. It's what these Internet marketers are after. They are the human spammers and indeed they are very much annoying. I'm a wordpress user and these spammers are also frequent visitors to my website. Nice tool for Drupal you have here. :)
until google changes it's
until google changes it's pagerank algorithm. There are too many programms on the market to search for high ranked pages with automated text fill in. The only thing a human has to do is fill out the captcha form, and that's done in a few seconds.
Stop spam with userlogin
You can stop spam. Don't let users reply on a topic without a login.
And who will then stop logged
And who will then stop logged users to spam or create dummy accounts?
And what if I don't want to have user accounts for comments like on this site?
Version for Drupal 7
Hi - Just recently came accross your site. This sounds like an effective way to fight spam. I have found the same thing - spammers leave links in their posts. Will there be a Drupal 7 version of this module? I checked on Drupal for it, but did not find a project page.
Hmmm Drupal 7 version...?
Hi Brian and thanks for your comment.
Yes we are very effectively fighting with spam on our site with this module. You can not find this module on drupal.org for now because it was never released there.
If you really think that this solution would be good for you I can create first a project on drupal.org put Drupal 6 version there and then create Drupal 7 version.
What do you think?
Can stop spam bots
We had some great improvement on our form when we added a hidden form which should be empty. We had less spam via our forms. I think a Captcha code is not a good option for a webshop.
A valid point but also missed a point a bit
A valid point but what we also want here is to stop also a human spammers, having captcha or hidden field will not help you here at all.
Your comment is actually a good example, you definitly readed this post and answer to it in apropriate context, but you added url that is pointing to page where you sell monitors - and that is definitly not a context of this post ;). But anyway I enbled your post - because it is such a good example :)
So this module can only help site admins a little bit - each comment that have any link will be moderated and site admin need to define what to do with it. And it is working very on our site, so I am thinking more and more to port this module to D7 and add some more nice features to it; for example
- it would be cool that when you get email that comment is been moderated you also get link in email for unmoderating it - so you don't need to visit your drupal site and then login and then unmoderate comment - so it would fast a process to unmoderate valid comments.
- other nice feature would be to track all comments that are moderated by this module and then just delete them after some configurable time.
I will try to find some time in next month maybe to do this and publish module on ddo.
Thanks!
This sounds like a great approach. Please submit the module to drupal.org!
My problem is with logged in spam, however, so as is this won't fix my issues. My site only allows comments from registered users. But a spammer just added comments and triggered email notifications to hundreds of users.
Your module is a great solution, though, and perhaps a starting point for me. If I delete the lines about "don't do anything for logged in users" and then moderate all comments with links?
Post new comment