Squash Spam On Your Drupal Site

No one likes spam. While most people think of it as being unwanted email, spam in the form of unwanted and bogus comments on a website is equally annoying. But on your Drupal site, you want users to comment and interact with your content, but you want to ensure that those comments are legit.

There are some Drupal modules that can help you automatically moderate the spam without having to manually delete hundreds or even thousands of comments daily.

Two modules in particular are AntiSpam and Mollom. Both of these modules help with the prevention and automatic deletion of spam in your Drupal site, however, they go about doing so in different ways. AntiSpam uses multiple services such as Akismet.

Mollom is a module that’s developed specifically for Mollom’s service. In addition to blocking spammy looking content, Mollom may block a known spammer based on information in their system. Mollom is free and also offers several different paid services for business and larger enterprise customers.

Those are two modules that I have used to control spam, which services do you use to prevent spam in Drupal? Be sure to let me know in the comments.

Check out the previous post in his Drupal series whereBrant talks about essential modules for developers. In his next post, Brant discusses the different pieces that you need to backup so you can restore Drupal. Find out more abouthosting your Drupal site at Rackspace.

  • John

    Hi Brandt,

    I was quite surprised to find Drupal posts here at Rackspace. Nice one. I actually came here looking at job opportunities. I wasn’t aware that Rackspace is a Drupal savvy company.

    I conquered the spam issue by using SpamBot module (http://drupal.org/project/spambot) which tests user registrations and posts against the stopforumspam service. I modified the module though to automatically ban the IP of failed attempts.

    Before using this, the site in question got up to about 900 users from spambots and new registrations were numbering about 20-30 a day. Which is strange because that site does not even allow comments. But the registrations and huge number of 404s and 403s were getting to be a problem.

    Finally I made the modifications to ban IPs and since then it has all been good. The module also allowed cron to filter out the 900 odd abusive accounts over a few hours.

    Great post & video. Thanks.

    john 🙂

    • Sam Michel

      Ooh, nice work John. Did you submit your updates to spambot back to the module owner? Sounds like a great approach and one we could do with, too.

  • Hi Brandt,

    This is a wonderful article. Few months ago my site was attacked by spammers and during that course i found out that Honeypot is an excellent technique to protect form spammers. Well in some cases i think you should use combination of different techniques. Here is good about it if someone wanted to look into it. http://www.mindyourcode.com/php/drupal-spam-protection-by-using-non-captcha-framework/

  • Really such a great post! Yes, Mollom is a good tool which can protect to website.

  • Thanks for the posting such a valuable post for us. I like this to read most and also recommonded to other for reading. Thanks you agian.

  • Nice presentation

  • Sam Michel

    Hi Brant – nice post, thanks for the tips. We’re happy Rackspace customers running Drupal.

    Comment spam was so bad on our site it had pretty much the same effect as a DDOS attack. In the end, I ended up writing a script to check for comment posts in the Apache log, check the IPs against the StopForumSpam.com API and then add them to the firewall.

    This has solved our problem (so far) and as a happy consequence we’ve noticed a huge drop in page load times, CPU usage and I suspect we’ll see a big difference in bandwidth, too.

    I wrote it up here:


    and the code is available on Github:


    Hope it’s useful. A new coding adventure for me, so all feedback welcomed.

  • Edword Jones

    Thanks for posting its really knowledgeful post and easy to understand.
    And thanks for sharing video also.