Protecting Your Drupal Site
Anyone building a Drupal site that allows any kind of user submitted content should think about how to protect the site from spam. The three most popular areas for spammers to enter your site are the registration form, comments and your site-wide contact form. And while those points of entry may be the most popular it is important to consider that any form where non-registered users can submit content is vulnerable.
There are a few different methods that you can employ to protect your Drupal site from unwanted spam content. These methods include requiring registration, use of CAPTCHAs and third-party spam prevention services. I explain these options in a bit more detail in my Beginner's Guide To Drupal but in this drop I wanted to highlight the new option provided by Mollom.
Mollom is a third-party service that connects to your Drupal site via the Mollom module. The service offers you the ability to protect all key points of entry for content on your site including registration, comments and the contact form. What makes Mollom unique is the fact that it makes selective use of a CAPTCHA, only presenting one if the server believes that the submission might be spam. Mollom also provides daily stats (pictured above) on how many spam submissions were blocked and how many ham (aka good) submissions were accepted.
This differs from other services because things like CAPTCHAs tend to be displayed for all users. Other third-party services tend to relegate possible spam to the moderation queue. Mollom attempts to eliminate the moderation queue while only presenting the CAPTCHA some of the time.
Mollom has the potential to be of great benefit to Drupal site admins because their approach is one that is designed to minimize the amount of time spent managing harmful content on your site. I'm using Mollom on two Drupal sites, including this one. The service has given me the confidence to allow un-moderated comments that do not require registration.
One more reason to have confidence on the Mollom-Drupal combination is that Mollom is a project lead by Drupal founder Dries Buytaert along with Benjamin Schrauwen. Let's face it. If anyone knows about the dynamics of content on a Drupal site Dries does.
Bookmark Post- learnbythedrop's blog
- 700 reads
Delicious
Digg
StumbleUpon
Comments
Captchas are good for cutting off automated spam. As far as manual entries are concerned (like this one) you would want to moderate them either by yourself or with the help of the user (burry).
Frankly, based on the features of Mollom mentioned above I do not think it is valuable (probably there are some more features exist?)
"Captchas are good for cutting off automated spam." Agreed. That's why Mollom selectively presents captchas.
"...you would want to moderate them either by yourself or with the help of the user..." The problem with manual moderation is that it takes extra time. If someone leaves a legit comment I want it to be displayed immediately. This is good for users and it helps me save time so I can tend to other issues, like creating good content.
I've got Mollom running on a couple of Drupal sites and so far it has worked very well. Thankfully there are many other protection options including manual moderation, Akismet and Bad Behavior. So each site admin is free to make their own choices.
It's also important to reiterate that Mollom is about more that just comment moderation. Mollom protects "all key points of entry for content on your site including registration, comments and the contact form."
Is it possible to get Captcha shown every time before user submit the comment?
The whole point of Mollom is that it only presents a CAPTCHA when it thinks the message is spam. This approach is geared towards creating a more convenient user experience since legitimate users tend to be annoyed by CAPTCHAs. If you must present a CAPTCHA every time then the CAPTCHA module (http://drupal.org/project/captcha) is probably a better fit for you.
Post new comment