Attempt at Reducing Spam Comments

Posted At : April 25, 2009 1:52 PM | Posted By : Francois Levesque
Related Categories: Cool Stuff

Over the last couple of weeks, I've been hit pretty hard with spam comments (wow-gold anyone?). Although BlogCFC makes them really easy to weed out (thanks Ray!), I can't help but feel bad when I realize that some of my readers who've subscribed to comments on posts get spammed by these as well.

A couple of months ago, I read about a neat little utility called CFFormProtect. Written by Jake Munson,

CFFormProtect is a fully accessible, invisible to users form protection system to stop spam bots, and even human spammers.

One of the best features, in my opinion, is that it doesn't rely on having the user enter anything special to recognize if it's spam or not (no more CAPTCHA!). In the background, though, it uses a series of tests to determine whether the comment is valid. Convinced, I finally decided today to give it a try. Sitting down in front of my computer, I figured it'd be best if I first googled BlogCFC and CFFormProtect, see if anyone had any issues installing one with the other. To my surprise, one of the first posts I read was the announcement that the latest version of BlogCFC (5.9.3) actually included CFFormProtect!

In my case, though, I was still running 5.9.1, so I had to update to get it working. This is really easy to do, but there are steps you want to make sure you don't miss. Start by downloading the most recent version of BlogCFC from RIAForge. In org/camden/blog/blog.ini.cfm, change the line usecfp=no to usecfp=yes. You can also decide to remove CAPTCHA (usecaptcha=no). Make sure you also update the other keys to match what you have on your live blog (namely dsn, username, password, owneremail, blogURL, blogTitle and blogDescription).

Once that is done, you might want to copy your styles over from your existing install. In my case, I had to copy over my layout.css and style.css files, from the includes folder, and tags/layout.cfm. Once that was done, it was just a question of uploading the client and org folder to the host, overwriting the existing files and refreshing the blog cache (in admin, click on "Refresh Blog Cache"). This ensures the application scope is refreshed to take in the change components and tags.

And that is it! Hopefully this will make a difference in our fight against spam. Eventually I might try out the interaction with Akismet (further reduces spam), but for now let's see how it goes.

Comments (10) | Print | del.icio.us | Digg It! | Linking Blogs | 652 Views
Comments
[Add Comment] [Subscribe to Comments]
Aaron West's Gravatar I'm on BlogCFC 5.9.3 and was hopeful CFFORMPROTECT would keep all spam at bay. It didn't and I felt it was necessary to turn on LylaCaptcha. This solution is still better than what I had pre 5.9.3 as I didn't use LylaCaptcha, nor did I manually implement CFFORMPROTECT. I relied on comment moderation then and at least that's gone.
# Posted By Aaron West | 4/25/09 5:07 PM
Francois Levesque's Gravatar @Aaron,

Did it still manage to reduce most of the spam you used to get? Have you tried getting an Akismet API key and activating it's functionality in CFFormProtect? I'm really trying to avoid using captcha, so any insight would be great :).
# Posted By Francois Levesque | 4/25/09 5:51 PM
Aaron West's Gravatar CFFORMPROTECT along did reduce the amount of spam but did not eliminate it. I still received (and so do any post subscribers) 2-4 spam comments a day. I haven't tried Akismet yet, no. Ultimately, I agree captcha is a total pain but until I can find a non-Captcha solution that's as reliable as captcha, I will keep it on my site.
# Posted By Aaron West | 4/25/09 5:56 PM
Jake Munson's Gravatar @Aaron,

Do you really get 100% results from Captcha? A lot of the blog spam I get from blog posts is with blogs that are using Captcha. I don't think it's possible to ever get 100% blockage with any solution. I do use Akismet on my blog (along with CFFormProtect, of course), and I only see 1 or 2 spams a month at most, usually less.
# Posted By Jake Munson | 4/26/09 12:36 AM
Jake Munson's Gravatar I'll ammend that...there are solutions to block 100% spam: turn off comments, or use moderation. But most people don't want to do either of those. :)
# Posted By Jake Munson | 4/26/09 12:37 AM
Jason Dean's Gravatar I have been using cfformprotect for several months now and have found it to be quite effective. I receive very little blog spam.

I am using the Askimet feature of cfformprotect, perhaps that is helping eliminate the rest, but it is really quite rare that something gets through. Knock on wood, right?
# Posted By Jason Dean | 4/26/09 12:40 AM
Glyn Jackson's Gravatar I know what you mean with that WOW crap its seems to be the old spam that gets me at the mo.
# Posted By Glyn Jackson | 4/26/09 11:49 AM
Francois Levesque's Gravatar I got 2 spam comments during the week-end, so I'll be getting and enabling Akismet later today. I probably didn't edit my spam-list well enough, too.

More to come!
# Posted By Francois Levesque | 4/27/09 10:25 AM
Francois Levesque's Gravatar I activated Akismet with CFFormProtect, so I can't wait to see if it'll be any better. Without I got about 10 spam comments today, so here's to hoping.
# Posted By Francois Levesque | 4/28/09 6:52 PM
Francois Levesque's Gravatar A week an a half running with CFFormProtect and Akismet: 0 spam comments. What a wonderful feeling!
# Posted By Francois Levesque | 5/6/09 8:48 PM
[Add Comment]
BlogCFC was created by Raymond Camden. This blog is running version 5.9.3.000. Contact Blog Owner