It seems that over time spammers can get more prolific at both registering as users on your blog and leaving multiples of spammed comments on various posts that you have published. Typically the comments are highly flattering, they tell you how wonderful you are as a blog writer, what a gorgeous layout your blog has, how wonderful it is that it loads so quickly and so on. Also if you see the word ‘Fastidious’ you may as well interpret that as someone shouting at you, I am a spammer and I have just tried to get a free link to one of my crappy websites that no one has the remotest interest in.
Comment & User Registration Spam
Because that is nearly always what they are trying to do, spam comments that arrive in your spam list by the hundreds or even thousands are simply a quantity over quality attempt to lift the page rank of a website up artificially. Here are a few other reasons why spammers leave comments and why they register on your blog:
- as previously mentioned, to get a website an artificial increase in page rank due to multiples of back links to the site (quantity over quality) which is sometimes referred to as Google bombing
- posting affiliate links that may bring in income
- getting links to sites that are considered bad neighborhood sites,
- getting links to products and sites associated with email spam (viagra seems to be the most prolific)
- registering as a user may give a spammer a back door way in, depending on how your blog is set up e.g. some blogs only allow comments from registered users
- as a registered user they may also be able to gain access to your database and potentially use stealth methods to modify your settings and place links without you even knowing about it
Why do Spammers Spam?
This may seem like the same question but it’s actually not. The question why do spammer’s spam in this case is what is the motivation for what must be fairly capable software programmers to embark on such a career. In a nutshell, it is for financial reward and pretty significant rewards as well. In this Interview with a Link Spammer from Charles Arthur, you can get an insight into why a link spammer does what he does and an understanding of the technical challenges they face in order to get access to your blogs without flagging themselves as spammers and getting shut down. You can read the link spammer’s story and you may even have a grudging respect for his ability, but any decent hard working person with integrity will never condone the motivation behind it. If someone has that level of skill, it should be used legitimately for positive purposes.
Can Comment Spam and Registration Spam be Completely Stopped?
Unfortunately the answer to that is no, not while there is still a real or perceived perception that unscrupulous people can benefit from the process. Spammers are constantly evolving their techniques and methods for bypassing security screens, consequently the developers working to prevent the spammers have to constantly evolve and develop new ways to stop the spammers, but there is always the time when a new door has been opened and a lag before it can be closed again. That’s a little like taking care of new viruses, they can always be stopped but it does take a little time.
Who is Most at Risk from Comment Spammers?
If you operate a blog and you allow comments on your blog or new people to register to your blog, then you are at risk. But that is after all the objective of most bloggers, to engage with the public allow them to receive updates from your blogs and to have their say on your publications and posts. So what can you do?
Nearly, if not all blogging platforms now provide tools for blocking spam comments and registrations from user bots. This typically consists of using programs that identify and segregate spam comments and suspicious registrations. You can also set up your admin so that the level of security is increased and nothing gets made live until you have personally approved it. Should you take those steps in each case? Well only if it is necessary, it is always a good idea to have an anti-spam comment program running as it is always a good idea to have a program that protects you from fake user registrations, but you can configure those tools to accept comments or registrations according to your needs. You can also use the general settings in a WordPress blog to provide some level of protection. For example these are some of the options you have under the discussion settings:
These are not my recommended settings by the way, this is the default setting and they can be configured according to your needs and dependent on the amount of spam you are receiving.
WordPress blogs also come with Askimet installed, this is a highly effective program that prevents comment spam. It is a plugin which you will need to activate and in order for it to work you will need an API Key which you can get by registering on the site and then requesting it. This is the link where you can go to get your key Askimet API Key and this is where you can get the Plugin if you need it Askimet Plugin
For a simple anti-bot registration engine, you could use SABRE this program is highly configurable and allows you to chose a security level that fits your purposes.
There are numerous other plugins that offer the same facilities for stopping comment and user registration spammers, so if you prefer something different to the two mentioned a quick search for ‘stop comment spam’ or ‘anti-bot registration’ will provide you with any number of different options. Just take care that what you choose serves your purposes and don’t be tempted to use multiple solutions as they may interfere with each others operation.
More Sensible Precautions to Prevent Comment and User Registration Spam
Spammers will try to make their lives easier by targeting certain blogs which they know will be more likely to accept their comment spam. Many WordPress blogs for example make the statement ‘Proudly Powered by WordPress’ in the footer information and more often than not the log-in form can be accessed by the default target page wp-admin after the domain name. This immediately means that they cannot only find your blog, but they can also get straight into the registration form. Many people will advise you to find those identifying features and default settings and change them. But once gain I would say, only do it if you think you need to and it suits you.
Generally if something has been identified as a potential problem there is usually a plugin to fix it, the registration link is no exception and there is a plugin called Custom Registration Link that allows you to easily change your path and send real visitors to your login page and bots down a blind alley.
For more information on what the bots find attractive this is quite an informative article How Bots Find Your Blog
What About eMail Spam Can I Stop That as Well?
This is a different, if not equally annoying, problem that requires a slightly different solution. Clearly many of the big email address suppliers, gmail, gmx, yahoo etc. provide anti-spam tools. But they often need multiple reports of spam from the same sender to take action, one person’s spam is another’s anxiously awaited update unfortunately. So you can understand why email providers are a little cautious about the indiscriminate labeling of certain addresses as spam. That said you can of course take your own action and you can place certain emails into the spam category under your own personal settings. Also if you run an email client, you may be interested in this useful program called SpamFighter, which uses an international database to store and identify spam as it arrives in your inbox. I have found this program to be invaluable, and no this is not an affiliate link.
This answer on Yahoo was pretty comprehensive as well. It tells you all about how to rid yourself of the dreaded viagra spam