Saving your drupal site from spam


Published on

  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Saving your drupal site from spam

  1. 1. SAVING YOUR DRUPAL SITE FROM SPAM – Review of different spam modules
  2. 2. As our website grows, so does grows the spam attack on it. Thereare several well-known methods to prevent the spams. Here Ihave reviewed 4 of the most commonly used drupal modules toprotect spam:1. Captcha2. Hidden Captcha3. Spamicide4. Mollom
  3. 3. CAPTCHA is the oldest and most widely used spam filter. Itpresents with audio/visual challenge to the user which they mustsolve inorder to prove that they are human. But the smartestbots are smart enough to solve these challenges as well.However, we can prevent bots by increasing the difficulty oramount of distortion in the captcha.
  4. 4. I have seen sites presenting with most difficult captchas which Iam never able to get through in first few attempts, I endup believing that I am a bot!Difficult captchas do prevent spams but this of course comes atthe cost of punishing our faithful users with difficult challengeswhich may refrain participation.
  5. 5. HIDDEN CAPTCHA is a user friendly solution and this isthe thing I like about it – it does not require my users to provethat they are human and while they are being screened theydon’t even get to know that their post is being tested.It doesn’t test whether the poster is a human rather it testswhether the poster is a bot and then restricts posting by bots.This module creates hidden fields which are not visible to humanposters but bots tend to fill in each and every field.The moment bots fill in fields not visible to human posters,hidden captcha classifies it as spam and doesn’t allow it to beposted.
  6. 6. One reason why I wont be using Hidden Captcha is that with littleexperience the bots learn to skip the fields meant to catch them.To outsmart the bots I’ll have to regularly and smartly keepchanging the questions so that I can fool the bots every time.This filter is of course easy and user friendly but the time factorinvolved in keeping the filter robust is something we all are notready to compromise in our busy schedule, we want somethingthat is that is robust and easy for us as well as our users.
  7. 7. SPAMICIDE is very much similar to hidden captcha. Thismodule also creates hidden fields not visible to human posters.Both hidden captcha and spamicide are well maintained andpopular, but hidden captcha depends on the CAPTCHA modulewhile spamicide is standalone. CAPTCHA can count the numberof times it misses whereas Spamicide doesn’t count.Spamicide auto-injects itself in all forms which is kind of a wastefor all the Admin forms.I will always prefer spamicide over the first 2 modules discussedhere because it is easy to use, easy to set-up and it filters outmost of the spam.
  8. 8. Mollom is like a human moderator on autopilot and it is oftenreferred to as “intelligent” web service.The way mollom function is, by splitting the content into 2categories: ham or spam. Ham is the desirable content posted byus “the human being” whereas spam is the undesirable contentposted by the bots that needs to be filtered out.
  9. 9. All the incoming content undergoes mollom screening and getspublished on the website only if it falls under the “ham” category.Mollom keeps updating its deciding factors by analyzing thehistory of activities within its network.It also considers the content of the post and poster’s reputationwhile determining whether to post the content or not. WheneverMollom is unsure, it performs second level check – by presentingto the poster an audio or visual CAPTCHA challenge that theymust complete in-order to post the content.I have found Mollom as one of the most robust filter for spamwhich keeps getting intelligent. Atleast one filter that getsintelligent as the bots are getting intelligent.
  10. 10. Captcha Hidden Spamicide Mollom CapthaMethod of Spam Challenge response Hidden input Hidden input Filters out spamDetection test field field based on intelligent content moderationUser friendly No Yes Yes Somewhatspam filtrationprocessUser interaction Required Not Not Required Seldom Required RequriedDependency on None Depends on None Noneother module Captcha Module
  11. 11. Captcha Hidden Captha Spamicide MollomPros Easy to setup and Identifies bot Does not Believed to block blocks nearly all activity when hidden interfere with 99.93% of spam spam. It comes with a fields are filled. No the user and offers two few different styles interference with experience in SPAM prevention and is quite user experience. anyway. techniques. The configurable traditional CAPTCHA test, and an invisible word filter.Cons Not user friendly. It doesn’t block as Spamicide auto- The filter can Advanced spam bots much spam and you injects itself in all sometimes flag can understand the need to change the forms which is legitimate entries captcha and get question every so kind of a waste as spam. Users still through. It takes up often once spammers for all the Admin have to read and space on the page start to catch on. forms. type in the and adds visual About once or twice captcha. clutter. a month.
  12. 12. Of the 4 modules, Mollom is the most effective spam filter and itis growing on its intelligence to use it for spam monitoring.However, this is also not a 100% cure for spams. But usingMollom with Spamicide is an effective shield for your Drupalwebsite against spams which in most cases filter out 99.99% ofthe spams.
  13. 13. Visit www.drushield.comto stay updated on How to keep your Drupal install protected