Preventing Spam & Bot Accounts with Drupal

Why Your Site?

  • Backlinks for shady SEO practices
  • Malware propagation
  • Further attacks on site / server

How Do They Do It?

  • XRumer

    • CAPTCHA Solving
    • Site finding / detection
    • Email automation

  • Other Bots

  • Manual Account Creation

Mitigation Techniques

  • CAPTCHA
  • Hidden form fields
  • Form submission timing
  • Profile field whitelisting
  • Mollom
    • Akismet, Defensio, etc.
  • Blacklists
    • Project Honeypot
    • StopForumSpam
  • OS level firewalling

Drupal Modules

  • CAPTCHA (base module)
    • reCAPTCHA
    • imageCAPTCHA
    • CAPTCHA riddler
  • Spamicide (hidden form)
  • BOTCHA (hidden form, hueristics)
  • Mollom
  • Akismet
  • Project Honeypot
    • Bad Behavior
    • Http:BL

Case Study

  • 20 - 30 users
  • Public & private forums
  • Calendar signups

Modules Used

  • CAPTCHA base module
  • Spamicide
  • Http:BL (Project Honeypot)
  • Rules based user whitelisting

Preventing Spam with Drupal

By mutagen

Made with Slides.com

Preventing Spam with Drupal

Modules and approaches to preventing signup and forum spam on sites built with the Drupal CMS.

  • 1,244