If your site provides for the possibility of leaving comments, then the question of its reliable protection against spam is critically important for you. Every day, more and more spam attacks are being reported. So how to make sure the same problem never happens to you? How to protect your online resource from spam attacks?
#1 – Email Validation
The first thing you need to do to combat spam is to properly customize the form for leaving comment or form for adding entries to guestbooks. For example, you must necessarily check that all mandatory fields of the form have been filled in to ensure that the sender’s e-mail address is valid (that is, it meets the rules for creating e-mail addresses). By the way, this is also important for the overall security of the site. You can also check the website for spam using Cleantalk API https://cleantalk.org/, which is easy to do.
#2 – Captcha Check
Another common method of automated spam protection is the so-called captcha check. CAPTCHA, or completely automated public Turing test to tell computers and humans apart, is the name of special tests that allow you to distinguish computers (bots) from people. The real person can easily solve the problem (undergo a test), but the computer is not able to cope with it. As a general rule, captcha looks like a picture with something like distorted letters or numbers on it. A user is supposed to manually enter the combination he sees on the image. Everything is easy.
#3 – Special Plugins
In addition to CAPTCHA, you can find many plugins on the Internet that quite reliably protect your resource from spam. For example, Akismet or WP-SpamFree for WordPress, Simple Anti-Spam for Drupal, EasyCalcCheck PLUS for Joomla, or CleanTalk for these and most other CMS. Their main task is to automatically check comments and block those that look like spam.
#4 – CleanTalk as Your Best Solution
CleanTalk is a cloud service for protecting websites from spam; it provides a simple and convenient comment/registration form for visitors, which will not require the visitor to prove that they are human. The solution saves time and resources spent on site moderation and manually checking all the comments. All requests are stored in the cloud, including blocked ones, which prevents data loss.
Additional features of the solution are:
- blocking POST requests by country, IP and email;
- blocking inquiries by stop words;
- blocking POST and GET requests by IP and by subnet masks.
How Does It Work?
The antispam module transmits the parameters of the visitor, browser, IP / email, and the text of the message. These parameters are evaluated, and the service decides whether to post a message or define it as spam and reject. Based on such checks, the service generates its own list of IP / Email addresses used by spambots. Not only IP / Email is added to the blacklist but also the domains of sites promoted through spamming. All this happens automatically and does not require any action from the site administration.