Easy-to-follow video tutorials help you learn software, creative, and business skills.Become a member

Moderating comment spam

From: Drupal 7 Advanced Training

Video: Moderating comment spam

Anything that can be used can also be abused. That's especially true online where anonymity forms a shield against responsibility. Sadly, that means you have to plan your site knowing that it'll be attacked by anonymous vandals and profiteers, but you do have tools to stop them. This video discusses some of them. The best way to solve a problem is to ensure it doesn't pop up in the first place. So let's start by checking our permissions. To do that go up to People and Permissions, and by the way this site I just installed a few hours ago and I haven't changed anything about the People or Permissions yet.

Moderating comment spam

Anything that can be used can also be abused. That's especially true online where anonymity forms a shield against responsibility. Sadly, that means you have to plan your site knowing that it'll be attacked by anonymous vandals and profiteers, but you do have tools to stop them. This video discusses some of them. The best way to solve a problem is to ensure it doesn't pop up in the first place. So let's start by checking our permissions. To do that go up to People and Permissions, and by the way this site I just installed a few hours ago and I haven't changed anything about the People or Permissions yet.

As you know there are three default roles Anonymous User, is someone who's not logged in, Authenticated User is someone who is in, and there's a special Administrator role. The thing that you mostly want to watch out for is Anonymous User. So let's just quickly scroll down here. They can view comments, can't cause a problem with that. They can use this text format; that's okay. They can view content. So this is pretty well locked down actually. Now let's take a look at the Authenticated User, by scrolling all the way back up and then start scrolling down again looking at that middle column.

They can view comments. Oh, Post comments -- this is where a problem could come in. The biggest problem is the Skip comment approval. If you leave this checked. it means that people will be able to create an account and then post all the comments that they want. So that leads us to the second part: how do people create accounts on your system? To see that go up to Configuration and Account Settings, scroll down a little bit under Registration and Cancellation. By default, anyone can register an account, but they won't be able to post comments until you approve that account.

So effectively that does stop spam as long as you watch who's actually registering those accounts. And that can be kind of difficult because when all you have is a name and e-mail address, you can't really tell one person from another. So another possibility is to only allow the administrators to make accounts. The thing that you want to be especially aware of is if you have visitors, that means that anyone can create an account without getting an administrator to approve it. If that's so and you have Skip comment approval on authenticated roles, then you have just opened yourself up to a world of spam.

So those settings take care of a big part of the problem. But what if you need to keep your commenting system open to anonymous visitors for some reason? First, I would consider again requiring some kind of login from them, even if it's not for your own site specifically. Core Drupal comes with a module called OpenID that lets people log in with their credentials from Facebook, Google, and other membership sites. You can see that by going up to Modules, then scrolling down within this core module group, and there it is, OpenID.

It's there but it is turned off by default. I talk more about it in the video on logging in using Facebook, Twitter, and other sites. You can also learn about it by going to drupal.org/documentation/modules/OpenId. But let's say they've logged in. You still have ways to throw up barriers to spam, and in fact there's a whole category of Drupal modules dedicated to this very matter. To see it, go to drupal.org/project/ modules. As usual filter by 7.x, and then look under the category Spam Prevention.

As usual these are ordered by popularity, and these top two I found have been of great help in all the sites that I have run. The first one throws up what's called the CAPTCHA. That is a test that is easy for human to figure out, but hard for a machine. It's usually something visual like this, but there's a lot of plug-ins as well so that you could have it, for example, pick the cat out of this group of pictures; again a machine won't be able to do. The second one is Mollom, which was created by the person who created Drupal in the first place, Dries Buytaert.

It adds a little bit of intelligence to the whole process about whether to show a CAPTCHA or not, and it has some other features. I talk about it in the video Slowing Spam in my course Drupal Gardens Essential Training, which is also on lynda.com. That leads us to our to our next line of defense, checking unapproved comments. If you remember back when you looked to the Permissions, there are two having to do with comments, one is Post comments and the other is Skip comment approval. People who can post comments, but not skip approval, get their comments put into an approval queue.

I will go back to my site so you can see where that is. Go up to Content, then to Comments, and you find it in this Unapproved comments group. We don't have any since of course this is not live site. But if you do have anything here you would look at the comment and then you could choose whether to publish or delete it. The problem with this system is that there may be comments there that you just don't know about because you haven't been notified. On my own site, tomgeller.com, I have it set up so that I get a notification using only core Drupal's modules Trigger and Action.

I'll show how that works. I'll go to my site where I am already logged in as the administrator. I click Structure and scroll to the bottom and look at Triggers. Now the Triggers module is not turned on by default when you install Drupal, although it is part of core. So of course we will have to go to Modules; turn it on before you can do this. But let's take a look, and then I'll look at what the triggers are for Comments, and as you can see I have set one up to e-mail me whenever a comment is posted. Now this is the way to do it using core Drupal's modules, but you can also do it using the much more flexible Rules module, which I discussed elsewhere in the course.

So there are the basics in spam comment moderation. Remember that you will have to make similar efforts if you allow people to create full nodes as well as comments, and you can see whether they have that permission once again by going up to People and Permissions, and then scroll down until you see the Node group. Once there for each content type there is a group of permissions such as for here for Blog entry. You might also have to watch content that you have coming in automatically from outside sources such as through RSS feeds.

One strategy I try to keep in mind is to continually ask myself: Just how much access to my site do visitors need? Is the value of their comments outweighing the bother of moderating them? A conflict arises because Drupal encourages openness and sharing, which society itself too often mishandles.

Show transcript

This video is part of

Image for Drupal 7 Advanced Training
Drupal 7 Advanced Training

72 video lessons · 11581 viewers

Tom Geller
Author

 
Expand all | Collapse all
  1. 4m 51s
    1. Welcome
      1m 7s
    2. Planning your Drupal career
      3m 44s
  2. 25m 46s
    1. Comparing development and production environments
      6m 22s
    2. Configuring your settings.php file
      7m 10s
    3. Running multiple sites from one Drupal installation
      7m 32s
    4. Troubleshooting common issues
      4m 42s
  3. 51m 20s
    1. Understanding your Drupal site's place on the web
      2m 44s
    2. Selecting a web host
      7m 20s
    3. Using Unix's command-line interface
      8m 23s
    4. Working with your web host's access restrictions
      4m 51s
    5. Using cPanel and other graphical web host interfaces
      3m 40s
    6. Transferring files to and from your web host
      5m 49s
    7. Moving databases using phpMyAdmin
      6m 34s
    8. Moving databases using Unix commands
      6m 8s
    9. Modifying server configuration files
      5m 51s
  4. 27m 10s
    1. Learning from case studies
      3m 13s
    2. Planning your site
      4m 18s
    3. Populating your site with Devel Generate
      3m 42s
    4. Managing URL paths
      3m 20s
    5. Restricting access to downloadable files
      5m 55s
    6. Reusing site components with the Features module
      6m 42s
  5. 21m 53s
    1. Understanding and installing Drush
      5m 23s
    2. Installing Drupal using Drush
      7m 24s
    3. Building a site using Drush
      9m 6s
  6. 31m 59s
    1. Backing up with the Backup and Migrate module
      8m 17s
    2. Moderating comment spam
      6m 47s
    3. Migrating from Drupal 6
      4m 28s
    4. Migrating to Drupal 7
      12m 27s
  7. 22m 24s
    1. Letting users log in through OpenID
      5m 10s
    2. Letting users log in through Facebook, Twitter, and other services
      9m 43s
    3. Republishing posts on Facebook and Twitter
      7m 31s
  8. 1h 5m
    1. Understanding Drupal's base themes
      5m 55s
    2. Introducing base themes: Zen and subtheming
      11m 35s
    3. Introducing base themes: Fusion and extensibility
      10m 44s
    4. Introducing base themes: AdaptiveTheme and responsive design
      7m 25s
    5. Introducing base themes: Omega and mobile devices
      7m 9s
    6. Using Firebug and other theming tools
      7m 20s
    7. Modifying themes with Sweaver
      6m 59s
    8. Modifying themes with Livethemer
      8m 45s
  9. 49m 35s
    1. Understanding the Rules module
      6m 48s
    2. Demonstrating how Rules works in Drupal Commerce
      3m 53s
    3. Creating practical rules
      6m 37s
    4. Improving rules
      9m 10s
    5. Defining conditions with the Context module
      7m 51s
    6. Varying layout with the Context and Delta modules
      5m 0s
    7. Varying layout with the Panels module
      10m 16s
  10. 52m 46s
    1. Enabling social features
      9m 46s
    2. Implementing a voting system
      9m 15s
    3. Rewarding good behavior with the Userpoints module
      5m 57s
    4. Setting up Organic Groups
      6m 28s
    5. Adding content to groups
      2m 21s
    6. Seeing group activity better with views and panels
      10m 13s
    7. Making groups private
      4m 54s
    8. Letting each group have its own permissions
      3m 52s
  11. 25m 32s
    1. Understanding packaged Drupal distributions
      2m 8s
    2. Getting a head start with Acquia Drupal
      7m 28s
    3. Creating online storefronts with Drupal Commerce
      6m 53s
    4. Creating government web sites with OpenPublic
      9m 3s
  12. 1h 30m
    1. Taking the assignment
      3m 26s
    2. Planning the project
      3m 43s
    3. Preparing the infrastructure
      8m 42s
    4. Starting the design
      7m 35s
    5. Filling in the content
      7m 29s
    6. Developing the layout
      10m 27s
    7. Finishing the layout
      7m 8s
    8. Refining the CSS
      6m 32s
    9. Setting up sections for regional offices
      4m 53s
    10. Configuring regional offices
      7m 18s
    11. Connecting to social media
      5m 9s
    12. Cleaning up
      12m 32s
    13. Securing the site
      5m 56s
  13. 37s
    1. Next steps
      37s

Start learning today

Get unlimited access to all courses for just $25/month.

Become a member
Sometimes @lynda teaches me how to use a program and sometimes Lynda.com changes my life forever. @JosefShutter
@lynda lynda.com is an absolute life saver when it comes to learning todays software. Definitely recommend it! #higherlearning @Michael_Caraway
@lynda The best thing online! Your database of courses is great! To the mark and very helpful. Thanks! @ru22more
Got to create something yesterday I never thought I could do. #thanks @lynda @Ngventurella
I really do love @lynda as a learning platform. Never stop learning and developing, it’s probably our greatest gift as a species! @soundslikedavid
@lynda just subscribed to lynda.com all I can say its brilliant join now trust me @ButchSamurai
@lynda is an awesome resource. The membership is priceless if you take advantage of it. @diabetic_techie
One of the best decision I made this year. Buy a 1yr subscription to @lynda @cybercaptive
guys lynda.com (@lynda) is the best. So far I’ve learned Java, principles of OO programming, and now learning about MS project @lucasmitchell
Signed back up to @lynda dot com. I’ve missed it!! Proper geeking out right now! #timetolearn #geek @JayGodbold
Share a link to this course

What are exercise files?

Exercise files are the same files the author uses in the course. Save time by downloading the author's files instead of setting up your own files, and learn by following along with the instructor.

Can I take this course without the exercise files?

Yes! If you decide you would like the exercise files later, you can upgrade to a premium account any time.

Become a member Download sample files See plans and pricing

Please wait... please wait ...
Upgrade to get access to exercise files.

Exercise files video

How to use exercise files.

Learn by watching, listening, and doing, Exercise files are the same files the author uses in the course, so you can download them and follow along Premium memberships include access to all exercise files in the library.


Exercise files

Exercise files video

How to use exercise files.

For additional information on downloading and using exercise files, watch our instructional video or read the instructions in the FAQ .

This course includes free exercise files, so you can practice while you watch the course. To access all the exercise files in our library, become a Premium Member.

Are you sure you want to mark all the videos in this course as unwatched?

This will not affect your course history, your reports, or your certificates of completion for this course.


Mark all as unwatched Cancel

Congratulations

You have completed Drupal 7 Advanced Training.

Return to your organization's learning portal to continue training, or close this page.


OK
Become a member to add this course to a playlist

Join today and get unlimited access to the entire library of video courses—and create as many playlists as you like.

Get started

Already a member ?

Become a member to like this course.

Join today and get unlimited access to the entire library of video courses.

Get started

Already a member?

Exercise files

Learn by watching, listening, and doing! Exercise files are the same files the author uses in the course, so you can download them and follow along. Exercise files are available with all Premium memberships. Learn more

Get started

Already a Premium member?

Exercise files video

How to use exercise files.

Ask a question

Thanks for contacting us.
You’ll hear from our Customer Service team within 24 hours.

Please enter the text shown below:

The classic layout automatically defaults to the latest Flash Player.

To choose a different player, hold the cursor over your name at the top right of any lynda.com page and choose Site preferences from the dropdown menu.

Continue to classic layout Stay on new layout
Exercise files

Access exercise files from a button right under the course name.

Mark videos as unwatched

Remove icons showing you already watched videos if you want to start over.

Control your viewing experience

Make the video wide, narrow, full-screen, or pop the player out of the page into its own window.

Interactive transcripts

Click on text in the transcript to jump to that spot in the video. As the video plays, the relevant spot in the transcript will be highlighted.

Learn more, save more. Upgrade today!

Get our Annual Premium Membership at our best savings yet.

Upgrade to our Annual Premium Membership today and get even more value from your lynda.com subscription:

“In a way, I feel like you are rooting for me. Like you are really invested in my experience, and want me to get as much out of these courses as possible this is the best place to start on your journey to learning new material.”— Nadine H.

Thanks for signing up.

We’ll send you a confirmation email shortly.


Sign up and receive emails about lynda.com and our online training library:

Here’s our privacy policy with more details about how we handle your information.

Keep up with news, tips, and latest courses with emails from lynda.com.

Sign up and receive emails about lynda.com and our online training library:

Here’s our privacy policy with more details about how we handle your information.

   
submit Lightbox submit clicked
Terms and conditions of use

We've updated our terms and conditions (now called terms of service).Go
Review and accept our updated terms of service.