Two great DRUPAL modules to stop harassing spammers

Member for

1 year 6 months
Submitted by AlReaud on Tue, 03/26/2013 - 21:17

Updated: 10/10/2016

If you operate a content management systems (CMS), you're probably familiar with the curse of botnet attacks on the user registration and persistent spammers on comments. These are IP address that are attached to your CMS from China, i.e. the domain, sending regular, daily spam message updates about Viagra, Cialis, and faux haute couture, sometimes for years on end. Or they continuously try to attack the user registration CAPTCHA, trying to create accounts to do the same or worse, sometimes using inane responses to the CAPTCHA like "TooBad1" through "TooBad257", not really doing any damage but consuming sometimes scarce resources and filling up the logs (to mask other activity sometimes, like database attacks).

This is not a problem specific to any one CMS, and will happen to Drupal, Wordpress, or Joomla. Drupal, however, logs the events as part of core functionality, allowing them to be noticed by the operator. Having dealt with it for well over a year, mostly manually, I found two great modules in the Dupal repository to help curtail the intrusions and the waste of your time as operator. In my case BOFHwink

GoAway (currently Drupal 7 only)
Allows for IP banning from the spam comment view, with the miscreant IP forwarded to the URL of your choice. I've not fully experimented with the extent of the banning, however, I don't believe it's as extensive as the Add Rule ban, which is total. This should be reserved for those recursive spammers who just insist on sending you info on how to enlarge your manliness, etc…

Uses honeypotting (PDF whitepaper) techniques to help prevent intrusion by botnets on comment, content, and user registration/password reset forms. This module will not stop intrusion attempts, however it will make them less effective and more cumbersome. It has good control and decreases faux comment and faux user registrations significantly on sites that have those enabled. On this site it's used for comments only, as user registration is disabled. Visitors can bang away at user registration and get access denied every time.

The implementation of both the above, along with text and image CAPTCHA and/or reCAPTCHA have allowed opening up sites to anonymous commenting while retaining tight control on user registration and authenticated user access. Well worth checking their applicability for your Drupal site if you're having the spam/fake account problem.

Add new comment

The content of this field is kept private and will not be shown publicly.

Restricted HTML

  • Allowed HTML tags: <a href hreflang> <em> <strong> <cite> <blockquote cite> <code> <ul type> <ol type start> <li> <dl> <dt> <dd> <h2 id> <h3 id> <h4 id> <h5 id> <h6 id> <u> <s> <sup> <sub> <hr>
  • Lines and paragraphs break automatically.
  • Web page addresses and email addresses turn into links automatically.
Enter the characters shown in the image.