Home

How to Avoid Spams on Your Website?

user warning: Unknown column 'type' in 'field list' query: SELECT module, type FROM drupal_captcha_points WHERE form_id = 'user_login_block' in /home/yoyokits/public_html/sites/all/modules/captcha/captcha.inc on line 60.
Sat, 05/03/2008 - 13:41 — yoyokits

If you are using free and well known Content Management System (CMS) for your website, after a few weeks your website online, probably you will get many spams. The spams can be in the forms:

  1. Comments to your articles with many links to others website.
  2. Undesired articles for offers some products or only the website links.
  3. Messages in your forum based Content Management System.
  4. Huge number of users with strange names that do destructive action.

If your site is getting big and bigger, the spams are also increasing and you will not have time to remove the spam users, articles, comments and so on. There fore you need the method to avoid them efficiently. The way the spammers reach your website is mostly using software that can parsing the search engine results. Each well known CMS has pattern for processing the action of the user like the user registration, giving the comment, subscribing articles or sending the message to the discussion forum.

The easy pattern of using the CMS has two side, the advantages are:
User can simply recognize how to register, write message, write articles, unsubscribe and browsing the content because most of the CMS have the same pattern.
Beside advantages, there are disadvantages too. The disadvantages are:
this pattern making easier for spammers to do their action by attacking many websites using a single software. Spammers learn the pattern of the CMS, how they can automatically register, sometime even send verification email, send comments, send articles and some others action.

After learning the pattern, then the spammers can make a software for automation the registration, sending articles and so on. The software has capabilities also to search the website based on the CMS that they have already studied. It allows to spam many website automatically. Several CMS has themes that can easelly shown the CMS that they are used, for instance give the text powered by certain CMS.
What ever the spammers do, we can avoid or minimize the spammer action to our website by:

  1. Made your own CMS if it possible.
  2. Use approval for user registration if the website is not to big.
  3. Use captcha or image with character that user should write to differenciate between human and machine. Captcha can be used for registration or writing the articles, comment and other action.
  4. Remove the content of your theme that contains information about the CMS that you are using.
  5. Install modules for avoiding the spams like article or comment subscribtion filter. The module will filter user input, if there are some pattern that indicate as a spam (like many links, using certain words and so on).
  6. Install module for automatic IP address black listing for the spammer.
  7. Remove the user that is identified as a spam.
  8. During removing the spam, strick the user to access the website.
  9. Activate email verification for user registration.

The action above are the main step for avoiding the spammer, if there are still spam left, please read the others possible modules for your CMS and install them if it is necessary.