Spam is when someone posts unsolicited bulk messages indiscriminately, and every dynamic website that displays user-submitted data is a target for spammers. Unfortunately Pligg CMS is a prime target for spammers because of the way that it promotes links to external websites as part of the article system. We have dedicated a lot of time to coming up with a variety of methods to combat spam, and this article will help you establish a protective barrier to keep spam off your website.
Pligg's Killspam Feature
Built into Pligg CMS is a feature that we call "Killspam". This feature is used to remove a particular user's content from the site completely and irreversibly. This means that all of the user's contributed comments and stories will be moved into a "Spam" status, which is hidden from view from the front end portion of your website. In addition to removing content, the user will no longer be able to login and post to the website.
We highly recommend that you frequently create MySQL database backups just in case you accidentally killspam a non-spam user.
There are 3 ways to killspam a user: from the Admin Manage Comments page, Admin Manage News page, and Admin Manage Users page. On the comment and story management pages the killspam feature is triggered whenever you mark a story as Spam. Select the Spam radio button for a story or comment and then the "Apply Changes" button. This will bring up a confirmation message listing all of the users that you are about to mark as spammers. Press the OK button to proceed, which will remove the user's content from the site and prevent them from posting again.
The third method for killspamming a user is from the User Management page. Use the select boxes to choose which users you want to killspam, then press the Apply Changes button to proceed. Similar to the previous step, you will have to confirm that you want to killspam the users through a popup message.
Free Anti-Spam Modules
One of the best parts about Pligg is it's module system, which allows developers to add in extra features to Pligg. We have come up with a number of great modules that will help users keep spam off their site.
Originally developed for use with Wordpress (http://wordpress.org), Akismet has grown into a popular service for blocking spam. The Akismet filter works by combining information about spam captured on all participating websites, and then using those spam rules to block future spam.
In order to start using the Akismet module, you need to enter an API key from the module's settings area. You can sign up and receive an Akismet API key for free personal use through their website. Once you have a key set up the module will start working and will automatically flag potential spam articles for review for you. You will find the flagged articles under the "Moderated" filter from the story and comments management pages.
The Human Check module is a specially crafted module for Pligg that attempts to detect and deter spammers. There's no configuration for this module, so it's a simple one click install to benefit from it.
You've probably seen many sites use CAPTCHAs as a way to verify that a human is entering information. Typical CAPTCHAs will use distorted text that are difficult for computers to read as a way to verify that the poster is a real person. Pligg comes with the CAPTCHA module pre-installed and configured to use the Recaptcha service. For more information about the Pligg CAPTCHA module, read this article.
The Spam Trigger module for Pligg is a dictionary based anti-spam technology. It comes with a preconfigured dictionary of common spam words separated into 3 different lists: light, medium, and hard.
The Light Trigger list is used to mark stories as moderated when someone uses a word or phrase that appears in this dictionary. This prevents potential spam and profantiy from appearing publicly on your site.
The Medium Trigger will cause any stories or comments that match this list to be marked as discarded, resulting on matching submissions being automatically deleted.
Anyone who uses a word of phrase that appears on the Hard Trigger list will not only have their comment or story removed, but ALL of their stories and comments will be removed. This would be the same as marking a user as 'Killspam' from the admin panel. Not only will it remove their content, but it will randomly change their password, email and immediately log them out. We highly recommend that you carefully consider whether you want to use this method since it is very powerful and if a legitimate user accidentally uses a phrase from this dictionary it will result in their expulsion from your site.
SFS (StopForumSpam.com) Antispam
StopForumSpam.com offers a service that lets you check a database of reported spam email addresses, IP addresses, and usernames. The SFS Antispam module for Pligg will check the database during the user registration process and block potential spammers from creating an account. This module requires an API key from the StopForumSpam.com website, which you must manually enter into a module file. Check the included readme file with this module.
Commercial Anti-Spam Modules
The following modules are commercial addons that can be purchased.
Registration Email Domain Check (REDC)
This module has two different methods: whitelist and blacklist modes. The blacklist mode will reject any registrations from email addresses, domains, or partial word matches that you set up. The whitelist does the opposite and will only accept registrations from a list of allowed phrases. The module only checks the ending part of an email address, so if you enter the word "test" as a blacklist word it would block firstname.lastname@example.org, but not email@example.com.
- Adding @mailinator.com would block only email addresses ending with "@mailinator.com".
- Adding ".ru" would ban firstname.lastname@example.org, but not email@example.com
- Adding "bar" would only block domains ending with "bar" (ex. the address firstname.lastname@example.org)
- Adding "@company.com" would only allow addresses ending with @company.com when using the whitelist method.
- Adding ".edu" would only allow .edu addresses (plus other exceptions added to the list)
Story Email Moderation Module
This module will send an email to moderators when a story is submitted to the site. The moderator must then approve the story before it appears in the Upcoming section of the site. This is useful for sites that want to prevent spam. In fact, it is the only method available that guarantees that spam won't be published on your site since every story submitted by normal users will be moderated by a human administrator.
The settings area allow you to specify who you want to contact when a new submission is made and what users you want the module to ignore and not apply moderation rules to.
From the Admin panel under the Manage tab the News section will label stories awaiting moderation approval as "moderated".
The Karma Wrangler module forces all users to have voted on previously submitted content before they are themselves allowed to make submissions. This highly requested module forces any user to have voted on X number of stories (default number is 5) before they are allowed to make submissions on your site. This will help promote stories faster by making users actually have to participate before they are allowed to add any content themselves. This module will also help cut down and block those pesky auto submitting spam programs where bots sign-up, submit, and leave your site, never to be seen again by requiring the user to actually manually vote on a number of stories before the submission system is unlocked.