Catching the Spammers with Spambot

Submitted by admindm on Mon, 11/04/2013 - 20:57

 

Introduction

Ok so your hoping that your site will be popular. As soon as there is a link to your site somewhere on the internet its likely a spambot will find it. The most common spambots job is to sign up for an account and post links to other sites anywhere it can on your site. If you have a website at somepoint you will likely be offered a link building service. They will offer to get you thousands of backlinks a month for a fee of a few hundred dollars. These spambots are how they do it and if you don't protect your site it will get filled with spam from these bots. Sometimes they even pay people to put these links up but usually its automated. If you really want links you should chooose carefully who you go with. Getting links this way can backfire and have the wrong effect but I can rant on about that for hourse so lets stay on topic.

The great thing about these automated bots is that they often use the same email address over and over again. You have likely had to click a link in an email to activate an account before, so does the spambot so it needs to recieve the email somewhere. The lovely people at stopforumspam.com have been amassing a database of common spammers usernames and email addresses and the spambot module uses this database to block spambots. You can also report spammers who are not on the database and it gets them added. You can also choose what action to take when a user is detected as a spammer. You can block the account or delete it. You can also decide what to do with the content they created, eithe runpublish it to deal with later or delete it.

Start by downloading the spambot module
http://drupal.org/project/spambot
If you don't know how to install modules see our backup and migrate guide

Once you have downloaded the module, install and enable it like you would any other module in drupal.

Using Spambot

Using Spambot is fairly straightforward. Once its enabled go to the configuration page and you should see a new entry "Spambot" under the system section, this takes you to the Spambot configuration page.

Spambot Module configuration

The configuration is split into 3 sections the first of which is "Spammer Criteria". This is how strict you want to be on deciding if a new user is a spammer. You can check by email address, username or IP address. You need to bear in mind that most IP addresses are dynamic so today an IP might be a spammer but tomorrow you could be given that IP address so don't be too harsh with IP addresses. You should also consider using the username check sparingly. Its very unlikely that username "klsdnfgngflsakusdbfkjenc" is a real person so a small number of them being reported would indicate a spammer but what about "Dave72". I'd guess that is a very common username and if you are very strict with the username check you might get legitimate users banned. I'd also recommend setting the email setting to a value above 1. It only takes one forum admin to mark something as spam by accident on a bad day and all of a sudden your legitimate users are getting banned, a small number should be ok though.

Configuring spambot

The next section is the user registration section. This allows you to decide if you would like to only scan existing accounts manually or scan every attempted signup (the default). I'd leave this set to check the user registration page but you may want to change the message to something a little more friendly or suitable for your site. There is also an option, which I love, to delay any blacklisted users for a small amount of time. This wont do much to real users if they get blocked by accident but if you get a spambot attempt to sign up for 100 accounts it will really slow it down, giving you a warm fuzzy felling that you are ruinging a spammers day. The last option in this section is to report blocked users as spammers. You will need an api key for this, more on that later.

Spambot installation

 The last section allows you to scan existing user accounts. All you need to do is set the maximum number of accounts to check to something other than 0 and then run cron, which should be running automatically anyway. If you set this to a very high number cron can take a very long time to run. I'd set it no higher than 100 to be safe, unless you have so many users that would not be practical. You are offered the option to block accouts or delete them, obviously its safer to block accounts than delete them but that depends on your own preference. You will be told how many accounts there are and how many have already been checked. You could leave this, or you could run cron manually now to see how many accounts get blocked or deleted. 

Configuring spambot module

Now would be a good time to register for a stopforumspam API key. This allows you to send information to the stopforumspam website so they can add more spammers to their database. First visit the stopforumspam.com website and go through the registration process. Once your registered go to the API Keys section in the user panel. Near the bottom of the page you will see the "add new key" button. Click on it. You will be asked to provide your name and your web address. You will also be asked to complete an image to confirm you are a human and not a spambot. Once you have assembled the image click on create my account. You will be sent the api key via email but once its been generated it you can get it by visiting the API Keys page again where you should see your website listed. You might want to check the public box here too as it will give you a backlink once your website has reported enough spammers. Once you have got the key, enter it in the box at the bottom of the spambot configuration page and save the settings.

 

 

 

Drupal Spambot module configurationDrupal Spambot module configurationDrupal Spambot module configurationDrupal Spambot module configurationDrupal Spambot module configuration

Blocking Individual Users

If you do find a spammer posting on your forum or your website you dont need to go into the spambot configuration to get rid of him. Click on the users name and you will be taken to their profile page. You should have a new tab on their page, spam. If you click on the spam tab you are given options to remove and report the user. The default setting is to unpublish their content and block the account. You can delete the account if you wish and this is up to you. It also good to see here that it also tells you how many nodes and comments the user has placed. Once you click take action you will see my only irritation with this module that you will then get asked the same again by Drupal itself. Its only a minor point though.

Drupal Spambot module configurationDrupal Spambot module configurationDrupal Spambot module configuration