The Complete Magazine on Open Source

Secrets of spam prevention in Drupal

1.33K 0

Drupal spam prevention

It always starts slowly. Like it was never there to affect your website. That little annoyance which mostly remains unnoticed yet irritates you at times. And over time as it gets worse and the frequency increases, you know your website is being spammed. It is now that you start thinking about how to stop it. Is it possible to completely drown these spams and beat them to death? If you are too late, maybe not. But you can still curb the number of spam accounts and comments and ultimately stop them from damaging your site again.

Although it not as easy as it sounds, Drupal provides plenty of options to handle such issues on your websites. From modules that can analyse the content of your forms to filter out spams, to modules that rely on a database, Drupal has several solutions in store. Let’s consider these modules in detail.

Analysing content

The process of scrutinising the content of the submissions to find out at what level are they spamming is something which has kept the server-side email spam protection still at work. As most of the spam emails follow a very similar pattern, it is easy to identify this pattern and fish out the spammers. In Drupal, we have modules such as Mollom which can do this work for us. Developed by the founder of Drupal, Dries Buytaert, Mollom is intelligent enough to block spammers from posting malicious content using machine learning techniques.

Something more to look out for

Drupal makes sure that its modules are capable enough to fight spams efficiently. Next in line are two such modules which can play an important role in handling spams on your website. Bad behavior is a module that prevents the spambots based on its analysis of the type of the browser being used and comparing it to some of the known spambot profiles. It also gives you a detailed report on the type of spams and how they were handled.

Spambot (another module to handle spams), on the other hand, uses its database of known usernames, e-mail ids, IP addresses and other information to verify the authenticity of the user. One finding a spam account you can either block the account permanently or choose to delete it. But the bad news about this module is that it is limited by its database of known spammers and hence won’t be able to catch all every spammer on your website.

Handling non-bots

It is not surprising to know that the trouble makers are not always these sneaky little bots trying to spam your system. The recent times have seen an increase in the number of spams created by humans — trying to submit spams to forms available on various websites. And the fact that there is no effective way to tackle this problem makes these spams seem more dangerous, especially in cases where customers have an open-ended payment process such as donation forms or the social service forms. Thus, to prevent such attacks, it is critical to have a proper verification system and other fraud prevention services that can provide a security barrier.

Previously, spammy contents were used to generate traffic through spammy links in the comments section for a targeted website. But it is not the same case anymore. These days, the automated bots gobble up any form they find on your website with an assumption that such forms will end up in someone’s email. Preventing such spams on your Drupal site is the first step towards a secure website.