Title: Preventing spam with Community Server 2007
Slug: preventing-spam-with-community-server-2007
Date: 2007-06-03 12:21:00
Author: Kartones
Lang: en
Tags: Development, Security
Description: Discusses how to prevent spam in Community Server 2007 by changing the default settings for deleting spam comments and enabling multiple rules to block spam, including using a CAPTCHA module.

 <p>We live at a time where spam is becoming more problematic than viruses. And as the spam bots get more sophisticated, becomes easier for them to invade any online site and fill with comments blogs, admin addresses and even forums. Kartones.Net is no exception, and lately we're starting to have an alarming number of spam comments, so I've researched a bit and here is the (multiple) solution I've adopted to prevent further spamming in our community.</p> <p>A not so known feature you can tweak is Community Server's task in charge of deleting spam comments. By default, it deletes them each 30 days, so I've changed it to 1 day. You can alter it's value by modifying the <code>CommunityServer.config</code> file, under the <code>&lt;Tasks&gt;</code> section, task name <code>DeleteStaleSpamCommentsJob</code>, <code>expirationDays</code> property.</p> <p>In the community settings, you can enable multiple rules to block it. This are the ones I've activated to prevent it.</p> <p><img src="https://images.kartones.net/posts/screenshots/cs2007_antispam01.jpg" /> in your blog settings, as in the following image:</p> <p><img src="https://images.kartones.net/posts/screenshots/cs2007_antispam03.jpg" />CS2007 CAPTCHA module</a> to filter some spam before it even gets to the server. Good news is that with official blog themes it works without adding additional code (cheers for the developers). Bad news is that some advanced spam bots even have OCR technology and bypass it, but it filters part of them so I'll leave it anyway.<br>Here's how it looks:</p> <p><img src="https://images.kartones.net/posts/screenshots/cs2007_antispam04.jpg" /></p> <ul> <li>Any comment requires a CAPTCHA validation</li> <li>If bot passes it, forbidden words, bad word count and link count will flag the comment as spam</li> <li>Bloggers won't even notice the spam comment because it won't be published</li> <li>Next day the system will delete the spam comment without user interaction</li></ul> <p>With all this countermeasures, I hope to catch allmost all the spam.</p>