I got a problem at my blog. I got visits from kind bots who leave "nice" comments to my blog posts :(
I'm wondering if there is a smarter way to keep them out, besides using the captcha modules.
My problem with the captcha modules is that I thinks they are anoying to the user :(
I don't know if it's any help to anyone but my site is in asp.net mvc beta.
Have you thought about using this?
http://akismet.com/
From their FAQ
When a new comment, trackback, or pingback comes to your blog it is submitted to the Akismet web service which runs hundreds of tests on the comment and returns a thumbs up or thumbs down.
It's a really easy to use system, which I highly recommend.
I've had good luck with Honeypots and Hashes.
By making it difficult for robots to post successfully, you can let users post without registration, captchas, or false positives from akismet.
Have a CAPTCHA that is really simple. Perhaps make it always "orange"? I don't think anyone's done that before.
Akismet is definitely the #1 method I know of for limiting spam comments. Also nice to offload that to a 3rd party (at a reasonable price).. that way if client complains, just 'shift the blame'
Another option is to incorporate something like mod_security's spammer signature file. They have a list of keywords you can scan a comment for and place the message to be moderated if you got a match. Though if you had a message board that actually discussed topics that contain these keywords, you'll need a lot of moderators. :-)
Also may want to consider scanning IP's and matching them against SpamHaus or DCShield's block lists. We recently started this approach and it has done wonders.
Things that don't work: requiring registration, simple captcha's, user agent... these can be automated or defeated with cheap labor.
I think you have several options...
Require registration to post comments - but thats more annoying than captcha, so probably not the best idea
Examine the user-agent of the poster (see here) for something that looks genuine or exclude those which look suspect
Use a nice Captcha. As annoying as they are, used properly they aren't that bad. It took me 7 attempts to sign up for a gmail the other day because i just couldnt read what it said. A nice captcha though isnt that bad really, kept it short and READABLE
If the spam you are receiving is link-heavy you could assume any comment that contains >= 2 links is a spam comment and not post it to the blog unless the blog author approves them. This is what most comment-spam plugins do. I'm currently working on a blog software and I adopted this solution in the interim until I can integrate akismet fully.
I made spam into someone else's problem by using Disqus to run my blog's comments. There has been no spam since switching, Disqus keeps on top of it.
A few answers advised Akismet but I disagree and consider dynamic captcha approach the best one
Related
I'm looking to help a friend who needs a website for his project. I know wordpress a little, but there might be better options.
The needs are:
- have a splash screen prompting for region (like this site)
- have some pages available only for a given region.
- allow the non-it guy to update the contents.
Wordpress is the only one I know as web design isn't my specialty. I'd have gone for a template like Avada, but again, better leads are more than welcome.
Thanks in advance for your inputs!
Ok, the downvote really helped me and certainly will help other users as there's no comment whatsoever explaining why this post is bad. Don't give leads or guidance by the way.
So, whatever. I found a solution to this. The following plugin works like a charm:
https://www.fla-shop.com/products/wp-plugins/world/continents/
A simple purchase gives total control and removes the watermark. The best part regarding my need was the capability to write custom callback code as explained in this article.
https://www.fla-shop.com/blog/adding-custom-javascript-to-the-map/
I installed Contact form 7 in my wordpress blog and there are several spam messages coming through it. Then I added really simple captcha/ recaptcha for the form. But still the spam messages are getting submitted.
How can I block this? Please help me.
Thanks in advance.
There are a lot of papers and works related to spam blocking. For example, you can ask easy questions, like 2+7 instead of captcha but i dont know how powerful is that now, because spammers are also improving themselves.
You can also block by looking at their behaviour, for example, spambot enters to your website, and after one-two second it sends its spam to your website, this is not human behaviour, so dont allow that post.
You can search on google about that and I'm sure you can find a lot of stuff related to it
As I said, there is a lot of research going on in this issue, you can use google scholars too
Also this question looks similar to your question.
You can try to use the honeypot plugin: http://wordpress.org/extend/plugins/contact-form-7-honeypot/ (Note: I haven't tested it, but I use a similar functionality in Gravity Forms, and it works great!).
Make sure to activate the Akismet plugin. It will help capture a good deal of the spam that gets through your forms.
I would also advice to use at least a combination of Captcha and Akismet like Bill already mentioned. You can find a very good tutorial on this topic at http://cool-tricks.net/contact-form-7-configuration/
I've been looking for the 'perfect' comment system for a wordpress blog I'm working on.
First, there is Disqus/intensedebate/etc... :
Pros: Easy to set up, somewhat customize-able (to a limit), removes load from your server, social.
Cons: Syncing with wordpress can sometimes be a problem, external bugs can ruin your comment flow, there's no fallback for javascript-less users, lots of embedded code.
Then, Wordpress native comments:
Pros: Deeply integrated with the blog, highly customize-able, saves the huge junk of javascript thats being embedded into your blog, easier to provide fallback options
Cons: Not native-ly social, ???
For me, Wordpress comments would seem like the best option.
The only problem is the social integration.
My questions is ;
what do I do with the data I receive by the users AFTER they log into a social network? (I already know how to create the login gate and get the required info back...)
I thought about simply saving their; email, name, picture (which you get from the social network) like what's being done when people comment without a social network...
The problem is I don't have any experience with the wordpress database and I have no idea where to start. Normally my best bet would be to use the wordpress codex but I couldn't find much there.
P.S; Please, no plugins!
There are amazing plugins out there but I love to learn to do stuff by myself.
If someone could just throw some useful links to me or theoretically what needs to be done, I'd be super thankful!
I was looking for the same 'solution', but couldn't find a proper answer (like 5 months ago). I recommend the Nextend series of plugins, Facebook, Twitter and Google+. Maybe you can look at the code inside this great plugins. Here's the Nextend Facebook Connect http://wordpress.org/extend/plugins/nextend-facebook-connect/
For me is the 'cleanest and unintrusive' way of implementing a social connection for the comments in Wordpress, because you can handle the users as you wish, and the comments template works in the way you want to work.
You can look in here http://dfine.me/2012/11/500px-lanza-aplicacion-oficial-para-iphone/ to take a look to the implementation.
An article that maybe can help you a little http://www.tutorialstag.com/create-custom-wordpress-registration-page.html maybe with that you can write the 'Social Info' to the Wordpress db.
I was looking at amazon.com and noticed for a product like: "Really Really Really Long Book Title," they will have a URL like: "amazon.com/Really-Long-Book-Title/ref?id=1&anotherId=2,"
and for a short title like: "Success," they will add other words, like the author name: "amazon.com/Success-John-Smith/ref?id=1&anotherId=2." If I remove these words, like so: "amazon.com/ref?id=1&anotherId=2," the URL still resolves.
Does it hurt SEO to have multiple URLs that resolve to the same page?
How are these words even added to the URL? Is it done programmatically, or do they have someone hand-pick words and store them in a database for each product?
I've been trying to expand my knowledge about SEO so I'd really like to learn how this is being done as thoroughly as possible. I'd greatly appreciate the recommendation of any resources, and also advice based on person experience so that if I implement URLs like this, I can do it correctly. I know I can Google this stuff, but there always seems to be 1,000 ways to do something and I'd just to hear some personal recommendations.
For what it's worth, I use asp.net 4.0 (c#) and the IIS7 URL rewrite toolkit.
Thanks a lot!
IIS7 URL rewrite toolkit is a best tool to use in your case. Here are my answers to your questions.
Does it hurt SEO to have multiple URLs that resolve to the same page?
It does not, as long as you show search engines which URL is a primary one. You can do this by adding rel="canonical"in the primary link page. The best example of this is StackOverflow, which is doing very well in terms of SEO. Now, if you use http://stackoverflow.com/questions/5392137/ you will be pointed to this page, if you use http://stackoverflow.com/questions/5392137/url-rewrite-adding-keywords you will be on this page as well. Obviously the second ULR has more keywords, which is great for SEO, and it is more user friendly as well, since users know what the URL is all about.
How are these words even added to the
URL? Is it done programmatically, or
do they have someone hand-pick words
and store them in a database for each
product?
If you are a developer, then it is not your responsibility any more. SEO is 20% technical, 80% marketing(it is my rough calculation, you know the point.:-)). Those marketing folks should handle that after you give them an access to write or rewrite ULRs. They may find some keywords and add some of them in URL based on their tactics. Elad Lachmi gave a good answer on this question. StackOverflow is using question titles as a URL,which is reasonable. Hiring lots of SEOers to find keywords based on different questions and then manually add to URLs is not a good option for SO. But for commercial web sites, it is worthwhile to hire someone to manually do it. The answer is based on what kind of web site yours is.
Hope this helps
I love the rewrite toolkit because you can do ANYTHING!
From my experience, letting the content editor set whatever URL they like is the best option. Computer are not big on semantics. You can create set rules, and they might be ok (It`s not that hard to tell a computer "if the title is not long enough, add the author name"), but since a human adds the products anyway, a little SEO tutorial for the content editors can go a long way. You would be surprised what people who know thier products can come up with. I have seen great titles and URLs done by our content editors, that I would never think of in a million years from my position as a developer.
I'm looking for a spam filter that I can integrate into my ASP.NET application. I don't want any delegate services (e.g. Akismet) as I'm doing this for a high traffic website, any suggestions?
Edit:
I mean a post spam filter, it's a forum based website.
Edit:
Thanks for your answer but I'm not looking for a Captcha, I'm looking for a spam filter, Captcha is not a spam filter it's used for preventing automated spam but it's not a spam filter itself, a spam filter is a piece of software that scans the posts and mark them as spam or not. Actually I already have a Captcha in my application for preventing automated spam.
You could check out nBayes, a C# implementation of Paul Graham's plan for spam
If you don't want to use CAPTCHA's, because they annoy people, and you already the site up and running, you could write your own parser to filter out spam. Most spam you see is extremely blatant. Posting hundreds of links in a post. Subject, Body, and Poster name are all exactly the same. Other stuff along those lines. You could write some simple filters, like I did for my blog, to basically cut out 99% of the spam, while your users don't even realize that you are even using filtering.
I use Akismet for spam filtering. There is a .NET interface for available here on CodePlex.
It works very well and the Api is pretty simple. Akismet is free for personal use (making less than $500/month), so I'm not sure about the pricing if you are making some serious money on the website.
Although not widely used, since comments/forum posts are typically stored in a database, an insert trigger works remarkably well which looks for certain words in comments and auto triggers a delete. Again, this isn't an ideal solution, but it works for me. There is the possibility of deleting a legit post, but then again, its sometimes near impossible to correctly decipher a captcha...
I can't recommend this because I've never used it, but I know a small company that had decent luck with A Naive Bayesian Spam Filter for C# by Jason Kester.
I would personally recommend using a 3rd party like Akismet though. Spam filtering is tough business and it is always better to delegate that to someone who can and will keep up with the spammers' techniques over time.