Google: how to protect website from spam created by users
Google shared tips on how to prevent spam in comments and forums. For this we recommend the following:
- Regularly update the forum software. Pay attention to the updates are related to security fixes. Spammers usually exploit vulnerabilities in older versions of CMS.
- Use captcha. For this you can use services such as reCAPTCHA, Securimage and Jcaptcha.
- Block by suspicious behavior. Many forums allow you to configure a limit on the frequency of publishing posts. Platforms such as phpBB, Simple Machines and myBB also provide an opportunity to monitor the excess traffic by IP addresses.
- Check daily for the most active commentators. If a user has registered on the forum recently, but has already published a number of posts need to checking out his profile.
- Consider to disable comments. For example, you can disable a very old forum threads that are unlikely to come users. If you do not have time to regularly review comments or this feature is not needed by your users, it is better to remove it.
- Use moderation. Consider the introduction of rules. For example, links could publish only users with high reputation. Or to comments with links appeared in the public domain only after verification.
- Disable anonymous. Remove the possibility of anonymous posting by the settings of the CMS. You can also make the posts of new users appeared in the public domain only after verification.
- Create black lists of words. Block unacceptable comments by the blacklist spam words and phrases.
- Close links by the nofollow attribute. This will reduce the interest of spammers in your site. A blog system such as Blogger add this attribute to comments by default.
- Use automated systems for the site protection. For example, Akismet.
More information about protect the site from spammers, you can find in the Help center Google webmaster tools.