Post Conference COD Configurations - Best Practices for Configuring Comments on a COD Site to Avoid Spam

Events happening in the community are now at Drupal community events on www.drupal.org.
kreynen's picture
Posted by kreynen on August 8, 2011 at 6:29pm

After D4D Boston 2011, videos of most of the sessions were added to the session pages. Awesome!

Unfortunately it doesn't look a human being or service is being used to manage comments or account approval on the site so it is quickly filling up with comment spam. Not so awesome.

So thanks to the effort several volunteers have already put into the site and conference we had this great resource, but because it isn't being maintained we can't really point people to a session page with adding a disclaimer...

If you have time, take a look at this great session Ben Jeavons did on Security for Site Builders...

http://boston2011.design4drupal.org/sessions/drupal-security-site-builders

Ignore the fact that the conference site itself is full of comment spam. Don't worry. Drupal is secure and has solutions for comment spam. This site just isn't using any of them.

First, can someone with access to the D4D site change the configuration and purge the spam that's already there?

Second, is there a recommendation for how to configure comments on a COD site post conference so this doesn't happen?

Comments

why not Mollom?

Posted by jpamental on August 8, 2011 at 7:12pm
jpamental's picture

Seems like Mollom would be an easy fit to protect the comments form - the free level would likely be just fine for most uses and I think it defaults to showing a captcha if you reach your limit.

Jason

Jason Pamental
[ @jpamental ]

Seconded

Posted by bjornmeansbear on August 8, 2011 at 7:22pm
bjornmeansbear's picture

Yeah, Mollom is what I use on all of my sites, and I have not been disappointed. It helps that it is another Dries project, so you know it plays well with drupal.

This seems pretty generic and

Posted by greggles on August 8, 2011 at 7:36pm
greggles's picture

This seems pretty generic and only somewhat specific to cod.

For what it's worth, though, my personal strategy:

  1. All the way through there should be a system in place like mollom or manual moderation to review for spam.
  2. Open site for registration, maybe allow anonymous commenting
  3. Close anonymous commenting
  4. Shortly after the event happens, close registration on the site (i.e. no new drupal accounts)

My theory is that once an event has passed people don't really need to sign up for a new account. Maybe one or two people do to comment on a video, but in general it's not necessary.

This also assumes that you are headed toward a static archive of the site and that you have 1 site for 1 event and then archive it (which is common, but not the only case).

knaddison blog | Morris Animal Foundation

I don't see any spam so

Posted by lisarex on August 8, 2011 at 8:00pm
lisarex's picture

I don't see any spam so someone else has taken care of it.

I'm an admin on the D4D site and don't see any spam? I am assuming you used the contact link already?

==================================
http://about.me/lisarex

I did. Sue Mildrum deleted

Posted by kreynen on August 8, 2011 at 8:28pm
kreynen's picture

I did. Sue Mildrum deleted the spam and disabled comments.

Boston

Group categories

More Specifically

Group notifications

This group offers an RSS feed. Or subscribe to these personalized, sitewide feeds:

Hot content this week

See all hot content.