Welcome to WebmasterWorld Guest from

Forum Moderators: Robert Charlton & goodroi

Message Too Old, No Replies

Google Suggests Ways to Combat Auto Generated Comment Spam

12:03 pm on Jan 31, 2017 (gmt 0)

Administrator from GB 

WebmasterWorld Administrator engine is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:May 9, 2000
votes: 1034

Google has published some tips to help site owners, forum owners, and publishers combat auto generated comment spam.
Much of the suggestions are obvious, but the fact that Google is mentioning this suggests to me that spammy comments really does devalue the content, and we know google wants to give users great results. As publishers and site owners we do not want to devalue our sites in any way, and we don't want it to be hurting our rankings.

Google's tips include, as I said, some obvious aspects, such as making sure the forum software is up-to-date and fully patched. Adding a CAPTCHA, using, for example, reCAPTCHA, Secureimage and Jcatptcha. Blocking what it describes as suspicious behaviour is a good move, including for excessive traffic from individual IP ranges. Forum posters coming from nowhere and producing an excessive number of posts are often indicators that something is up. Closing old forum threads that aren't likely to gain up-to-date comments.

It goes on, but, really, there's nothing new here, and it's a shame that some of Google's tools are not made available in some form or another to webmasters and forum owners.
11:10 am on Feb 5, 2017 (gmt 0)

Senior Member from GB 

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month

joined:Sept 16, 2009
votes: 83

For simple forms on smaller sites, the single most effective and simplest thing we found is not mentioned in Google's post: use Javascript. You switch your declared form field input names to the real ones using JS. Humans using a browser make it through, bots don't. I am aware that there are bots that run JS but they're not being used against the sites I maintain. Most spambots (at least the ones that used to plague us) are not at all sophisticated.

For busier sites we developed a simple algorithm with a score that looks for unconventional character strings (and a commonality of them) across fields like firstname / lastname / username / email / password. Bots are usually poorly configured and they present differently to a genuine user who will have a distinct name, desired username, email address and password. We used the scoring system to quarantine edge cases for review and to refine the algorithm. After a few months there were no more edge cases. Again, YMMV if you're being hit by click-farm humans or bots that have been configured with more care. Luckily for us, we've not had that sort of attention.
12:06 pm on Feb 5, 2017 (gmt 0)

Senior Member

WebmasterWorld Senior Member Top Contributors Of The Month

joined:Nov 13, 2016
votes: 285

For some reason, I've never been victim of "automated" spam posting at my forum. All I am doing is to output forms using Javascript , but I assumes that spam bots are advanced enough to interpret javascript, but so far it works. (I use my own CMS, so it's possible spam bots are not bothering with me, and prefer to target popular CMS).