There is a lot of disinformation about how to prevent comment spam on your website, and the trend continues with this Sitepoint article penned 2 weeks ago.
1. Don’t Ban Specific IP Addresses
Don’t bother banning IP addresses. Although this is the most logical thing to do, it rarely helps much. Most comment-spammers bounce requests off other computers and servers, so you’ll likely never be able to eradicate them from your site entirely.
Sitepoint: How to Stop Comment Spam
False. In the last two months, IP blocking has stopped over 20,000 spam bots from visiting my site. IP blocking can be quite useful.
2. Don’t Allow HTML
There is no reason for a user of your site to be able to write HTML or JavaScript. This should be obvious, but there are many Websites that allow users to use either, or both, of these languages.
Sitepoint: How to Stop Comment Spam
Well certainly you want to strip out harmful JS or PHP code, but that has nothing to do with spam. How will allowing basic markup make for more spam? Especially stupid considering that the article recommends converting URIs into links automatically. If spammers want to make themselves more obvious by loading up links with spammy keywords, let them.
3. Use Non-Descriptive Form Names
Good programming requires the use of descriptive names, but in avoiding comment spam, you should stay away from names that describe a form’s fields. Form element names like “Comment” make it too easy for spammers to access your comment system.
Sitepoint: How to Stop Comment Spam
Changing the name of form elements of the form target is an old trick… but it’ll only fool the dumbest of bots. Most bots already know that your site is a blog, because they find your URI through update services. Any form they find is fair game.
4. Use rel=”nofollow” for All Links
If you allow site users to include links in their comments, add rel=”nofollow” to the tag […]
Sitepoint: How to Stop Comment Spam
rel="nofollow"
is fairly useless. It takes more effort for a spammer to test to see if your links are giving them page rank than it takes for them to just blindly spam you anyway. The “but it’s not helping you!” argument falls on deaf ears.
The rest of the article is decent, taking a look at the advantages and disadvantages of things like CAPTCHA, authentication, and keyword moderation, but those first 4 points are way off.
valerie says
Agreed.
Thanks for putting all that out there.
Matt Mickiewicz says
Thank you for the feedback on our article… You definitely raised some very valid points for discussion. Perhaps you could repost your blog post to the thread about the article?
http://www.sitepoint.com/forums/showthread.php?t=249037
gbkgas says
Hello! Thank you for your site. I have found here much useful information.
I’ll be back.