Collecting the Internet So You Don't Have To

We work on the Internet. As such, we are constantly consuming information. Believe me, there is a lot of it out there. Sometimes we even forget things unless we write them down. Our blog covers everything from web standards to the muppets, php to comic books, music and everything else that we find interesting. Leave us a note when you drop by.

Preventing Comment Spam

Technology
Julian Moffatt
Julian Moffatt CEO / Partner
Visual Lizard
work
1 (204) 957-5520 ext:1
toll-free
1 (888) 237-9559
url
http://www.visuallizard.com
Julian Moffatt Purveyor of Good Times

Comment spam is something we have all come to hate. How do you keep it out of your blog? Here are a few of the methods that Visual Lizard uses in our projects.

Akismet.com

If you have ever used WordPress, then you are familiar with Akismet. It is a brilliant, behind-the-scenes, web service that you can feed your comments through. Installing Akismet is a snap if you use WordPress, as there is a dedicated plugin ready to roll. All you need to do is sign up for an account and plugin your details.

If you are using our Catalyst CMS, it is just about that easy as well. We have written a plugin that hooks your site into your Akismet account. We then pass comments, form submissions and the like through the Akismet API and it takes care of the rest. 

One of the major advantages to Akismet is that it happens behind the scenes. There is no extra field to fill in on your form in order for a visitor to submit it. This is good for your visitors and good for the health of the web. Since we hooked up Akismet, we have seen spam reduced to almost zero. Regular form submissions come in without issue and we no longer have to weed out spam every morning.

 reCaptcha.org

reCaptcha started out as an independent project to digitize books, prior to being acquired by Google. Whenever someone fills in reCaptcha on a website, the data is fed back to their systems. By taking a known word and an unknown word, the data that comes back is gathered and then analyzed to figure out what the unknown word actually is. The words are then returned to the texts that they came from, hence the digitizing.

reCaptcha was our go to method for ages. They deliver a service through their API. We are then able to style, re-align and adjust their forms as we need to in order to get them to fit into any web project. In addition, reCaptcha offers an audio version of their service if your visitors are visually impaired. Thus making their form element completely accessible. 

If you can't or don't want to pay for Akismet, then reCaptcha is the way to go. With all the sites we have that use reCaptcha, we see very little comment spam.

 Comment Via Twitter

On our current site, we are using Akismet on the contact form at the bottom. However, on our blog, you will notice that we have hooked into Twitter's API for comments via oAuth. We did this for a few reasons. We wanted people to own the comments they leave behind. While anonymous comments are sometimes insightful, they have been few and far between in the past. By attaching the comments to Twitter, in order to leave a comment, you have to be brief and attach it to a valid twitter account.

Secondly, with the authentication step, oAuth effectively adds a barrier that spam bots are not able to navigate. Eventually they will figure this out, but for now we are a step ahead.

Human Test Questions

A simple question that would be hard for a computer to answer, such as "is fire hot or cold?" or "what is 4 plus 3?". The idea behind a human test question is that you ask and get an answer that someone would have to interpret. We have tried using a few different human test questions in the past and they have worked in preventing robotic comment spam.

While human test questions can eventually be solved by comment bots, if you put a little extra work into your human tests by adding a database of a half dozen questions or so, then you will be able to thwart most of the bots for the near future. If you update your questions every so often, then you should be able to say well ahead of them.

If you don't want to use Akismet or don't like the way reCaptcha looks, then human tests are the best choice.

Naked Forms

Obviously these are the not a good choice anymore. Given the volume of robot spam out there, any naked form will get hit at least once a day if your site has any amount of inbound links. The more inbound links, the more likely you are going to get pulverized by spam. 

If, for some reason, you have to go with a naked form, make sure you that you can turn on comment moderation within your CMS or that you have a pretty robust spam filter on your inbox. That is the best advice we can give you.

If you have any other favourites, be sure to leave a comment via Twitter and we will update the post once we have explored them. Happy building!