Fighting Comment Spam

Submitted by jbreland on Sat, 02/10/2007 - 23:33

Steven (not verified)

Sun, 02/11/2007 - 00:16

Cemmonk spaxam loi ox sungs. Pum usow te bidd dit um pit fraxangrich pi Faxayosiaxan birtol. Zolo axalo plefaxafrupp pit bod prugins / veduros bel wrupaxar axarloaxadupp vaxado.

That was just some gibberish.

Yeah, I'm an "axasskero"

Comment spam really sucks. I used to fight it with a blacklist and Bayesian filter. There are probably a few plugins / modules for drupal already made.

I'd like to send a big, heartfelt "fuck you" to all of the assholes that have been posting comment spam to my site of the last year or so. Thank you so much for repeatedly wasting my time and energy on such pointless and meaningless work.

As I've mentioned in previous posts, the next version of my site is currently in development. Preventing (or at least severely limiting) comment spam is one of the primary design goals, so hopefully this should be much less of a problem in the future. I'd like to ask anyone out there who has experience with this problem - how have you dealt with it? My next site is built on Drupal. Are there any Drupal-specific modules or techniques that you would recommend? I've been doing research into this area myself, but I'd be very interested in hearing some first hand experience of what works (as well as what doesn't).

As for the current iteration of LegRoom, I've written a script that will let me easily:

  • Delete the malicious registered user that is posting the spam
  • Delete all spam comments made by that user
  • Update all articles with the correct number of legitimate comments

Needless to say, this script saves a ton of time compared to searching for and deleting all spam comments one at a time. Big thanks to my buddy Bill for helping me with some of the SQL statements involved.

I'm making this available to anyone else that may be able to benefit from it. If you run a PostNuke site and have issues with comment spam, you should certainly check it out. If you download it, though, please pay attention to the PostNuke version listed in the Requirements. I strongly recommend testing on a backup copy of your database before running it, especially if you have a different version. This script has only been tested against the listed version, so please be careful not to delete any valid data.

You can download a copy of the script from here:

pn_clean_spam.php.gz

Have fun nuking those comments. :-)