Dealing with blog comment spam
If you run a blog that's been around for any reasonable length of time, whether it has high or low traffic, no doubt you've experienced or
you're beginning to experience the frustration of dealing with blog spam - comments
and trackbacks submitted automatically by seedy individuals looking to peddle their wares or
misinformed marketers and site owners looking for a quick fix to their traffic and ranking woes.
Just before I continue discussing dealing with the issue - if you've seen automated commenting systems touting to "explode" traffic to your site and boost your search engine rankings - steer clear of them; you'll make many enemies by using these systems and you could find that they actually damage your site rankings in the medium to long term.
When I moved over to a "real" blog format late last year; things were pretty quiet on the blog and trackback spam front. Over the last couple of months, it's really
crept up and sucking increasing amounts of my time in dealing with it.
.htaccess bans - thumbs down
Up until yesterday, aside from moderating all comments before they went live, which is an advisable approach; I was just using .htaccess bans where I could.
This is pretty simple to do; you just add the following to your .htaccess file:
#DAMNED SPAMMERS AND BOTS
deny from yyy.yyy.yyy.yyy
deny from yyy.yyy.yyy.yyy
deny from ccc.ccc.ccc.
allow from all
.. where the yyy.yyy.yyy.yyy is the IP number of the spammer or bot. In the case of ccc.ccc.ccc.; this bans a range of IP's e.g 192.168.0.1 -> 192.168.0.255
This method is time consuming and very ineffective against spammers with any sort of know how or even a dim-witted individual who is using one of the many applications for spamming blogs that have popped up on the market in recent times.
In most cases, the applications used for automated commenting generate spoofed (faked) IP's. A single spammer may appear to be submitting comments from dozen of IP's in a single session; and since the IP's are faked, you may find yourself banning IP's you really shouldn't be - like GoogleBot or many users of a major ISP.
Lost time, money.. and life
In the early stages of my blog, it just wasn't a big deal - a few spammers here and there; easy to deal with via the delete button and bans. But with the steady increase I figured I was starting to lose about 5 minutes - 10 minutes a day dealing with some of the crud that was being posted.
Over a year, that's between 30 - 60 hours.
Time is not only money, but I really resent the fact that at least 1 full day of my life each year was taken up with dealing with these scum sucking bottom feeders who were hitting my blog. It's just time you can't get back, no matter which way you slice or dice it. From a business viewpoint, there's more productive ways to spend that time; i.e. creating content, promoting your site and generating revenue.
- free trial offer!
Sick of spam/virus email clogging your inbox? You never have
to look at these emails again. Simple to set
up and use with your current email address!
Anti-spam blog plugins
The Akismet anti-spam plugin for blogs has been around for nearly a year - it's free for personal
use and cheap as chips for commercial users.
It took me a while to get around to trying Akismet; it was a case of "hmm.. must try that out one day". I really wish that one day had been months ago; but it meant upgrading my WordPress installation to v2. I was happy with my current version and aside from the spam irritation, it worked great for me and I had it otherwise well locked down.
So I bit the bullet and upgraded to v2; which was far less painful than I had anticipated; in fact it was a dream. I've installed, upgraded and patched enough software applications in my life to know that it's not always the case :). If you're still using a
WordPress installation prior to v2, as long as you follow
instructions, you shouldn't have a problem.
After upgrading, I noticed that the Akismet plugin was already included - it was just a matter of registering for an
API key which only took a minute to do and then activating the plugin.
The results: 140 spam comments caught in the first 12 hours - with no false
positives and no spam getting past Akismet. A false positive is just a false detection; marking something as spam when it's not.
With Akismet in place, when a comment or trackback is submitted to your blog it first scanned by the Akismet web service which then runs a battery of tests. If it returns as being "clean" the comment will then appear in your blog post thread or in your moderation queue depending on how you have your blog configured. If it's flagged as spam; the comment is saved in the Akismet database for 2 weeks, in case of false positives. After 2 weeks (15 days to be precise), it is automatically deleted.
According to Akismet, if by chance a "real" comment is intercepted; by manually allowing the comment through, the system then learns. I haven't had a chance to try this out yet as there's been no false positives :).
At the time of writing this, the Akismet system has intercepted nearly a quarter of a *billion* spam comments and trackbacks. To give you some idea of the degree of the blog spam comment problem, Akismet stats show that 93% of all comments and trackbacks passing through its filters are spam.
Akismet isn't just for WordPress blogs, it also supports Akismet over 20 other systems and platforms, including Movable Type, Drupal, Nucleus and b2evolution.
The Akismet system is free for personal use, but for commercial bloggers generating reasonable revenue from their blogging, Akismet politely asks that you subscribe to their pro-blogger Akismet API key. Paying for the service also gives you priority support and a faster, more reliable service
Akismet also offer licensing options for Enterprise. The Pro-blogger subscription is a measly $5 a month or $55 dollars a year. Given the amount of time I was going to end up spending over the coming year dealing with spam on my blog; 30 - 60 hours, it's a tiny price to pay for such an amazing service. There's nothing to maintain, it really is basically "set and forget".
Kudos to Akismet for such a great app!
Other blog anti-spam solutions
Akismet isn't the only option available; the following is a couple of other free anti-spam plugins for blogs:
Karma: for WordPress - works on versions 1.5.1+
Behavior: DotClear, Drupal, Geeklog, MediaWiki and WordPress
HasChash: WordPress v? - Prevents spambots sending their POST request to wp-comments-post.php
If you know of any other good ones, please email me and I'll
add them to the list.
Another anti-blog spam option you may want to investigate is using a Turing test/CAPTCHA system. CAPTCHA stands for (Completely Automated Public Turing test to tell Computers and Humans Apart"). You've most likely come across these before - it's where a user has to input characters displayed on an image before a comment or registration is accepted.
CAPTCHA is not an infallible system and it puts your visitors through another hoop before they can comment. Many people also find it difficult and frustrating to input the characters as they are often distorted on the image to prevent bots capable of OCR (Optical Character Recognition).
Still, if this option interests you, try running a search
... where "blogplatform" is the name of your
Spamming - the sad truth
Like email spam, blog spam can really have an impact on your business over a period of time. Even not taking into account the lost productivity and related loss of revenue from the disruption - it steals your life and increases frustration. Stress kills.
While we can't prevent the birth of idiot humans who engage in this kind of behavior (legally or ethically anyway), we can take steps to minimize their impact on our own lives and commercial concerns.
If you don't have any anti-spam strategy in place for your blog as yet as you're not seeing any spam; I can practically guarantee that will soon change. Spammers don't care if your blog gets one visitor a day or ten thousand; they will find you and once they do; you'll have no peace. Act now and get a strategy in place before the crud avalanche hits you :).
Anti spam - email filtering and blocking services guide
Taming the Beast
Tutorials, web content, tools and software.
Web Marketing, Internet Development & Ecommerce Resources
In the interests of transparency and disclosure, please
note that the owner of Taming the Beast.net often receives goods and services
mentioned in reviews for free, or may receive payments or affiliate commissions for
advertising or referring others to merchants of products and services
Copyright information.... This article is free for reproduction but must be
reproduced in its entirety, including live links & this copyright statement must be included.
for free Internet marketing and web development articles, tutorials and
tools! Subscribe to our popular ecommerce/web design ezine!
Click here to view article index