Skip to main content

Akismet Anti-Spam Modules for Drupal and phpBB

By Bryan - Posted on 12 June 2006

For our Wordpress 2.0 sites, we have been using the Akismet plugin to fight off the spam thrown at us through our comment pages. We've been impressed with the results with over 550 spam filled comments blocked since early 2006 and only two spam comments slipping by Akismet's filters. With these impressive results, we have been hoping to see an Akismet Drupal module also developed. Now both Drupal and phpBB users have access to an Akismet module for their CMS.


Markus Petrux from phpmix.org announced at Drupal.org:

After several days of work and tests at phpMiX.org, I'm proud to announce the immediate availability of about 2000 lines of code compiled into Akismet module v1.0.0 for Drupal 4.7.

You are encouraged to visit the Akismet site to learn more about it. In just a few words, when new content is submitted to your site, the akismet module sends a real time request to Akismet where hundreds of tests are applied to get a thumbs up or thumbs down kind of response. It may finally that tell us if the content is spam or not. If it isn't, the content is published, if it is, then it is placed on the moderation queue. Moderators may opt-in to receive e-mail notifications for all content, just content needing approval or nothing at all. The module is fully customizable, almost everything is optional. It also keeps track of a counter that you can use to show your visitors how many spam has been caught by Akismet in your site.

Also announced, was a module for the phpBB forum software. You can visit either Akismet or phpBB for more information. If you check out phpBB, you'll likely get a kick when you see that they are calling the mod the "Akismet Spam Butcher". Hopefully both Drupal and phpBB users will find the Akismet modules as useful as Wordpress users have found the plugin for Wordpress to be at their sites.

There is one caveat to using the Akismet modules though. You'll need a WordPress.com API key that is available, as far as I know, only by opening an account at Wordpress.com . I'm not really sure why the API key is only available at Wordpress.com and not Akismet's own site, but that's what they've chosen to do. For non-Wordpress users, Wordpress.org is the site you can download the actual open source software and Wordpress.com is a service that provides users a free Wordpress blogging account.

 

Comments

#1 Akismet module v1.1.0 for Drupal 4.7

Markus's picture
Submitted by Markus (not verified) on June 20, 2006 - 4:24am.
Hi! Just wanted to mention that I have just released version 1.1.0 of the Akismet module for Drupal 4.7. It's been just 8 days from 1.0.0, but it was then when I realized that the moderator queue had to be improved to allow operations against multiple items. It also includes an experimental set of options to prevent DoS situations caused by certain spambots. That's it, happy blogging!

#2 Using Akismet Module

Bryan's picture
Submitted by Bryan on July 15, 2006 - 2:32pm.
I finally got around to installing the module here at CMS Report. Comments are now open without moderation. For those reading this comment, at the time of posting this comment Akismet Module v1.1.2 for Drupal is the latest version of this module.

#3 Once I wrote

James's picture
Submitted by James (not verified) on November 22, 2006 - 11:14am.
Once I wrote on your blog about spam on forums and blogs. It's very easy to get rid of without any scripts. Just hack that can check or send you comments to moderate with more than one link.

#4 Exactly

ramen noodle's picture
Submitted by ramen noodle (not verified) on October 19, 2007 - 10:14pm.
Yes it's pretty easy to get rid of it, on my blog i read all submissions before putting them on online. But well, it's a small blog, for a bigger websites programs are probably better ;)

#5 No one noticed!

Bryan's picture
Submitted by Bryan on July 21, 2006 - 8:15am.

Interestingly, not even Markus noticed that I misspelled Akismet. I had written Akistmet in the title of this post. The post has been revised.

You should start seeing less typos here at CMS Report. I'm using Firefox 2 Beta 1 which has an inline spell checker. It works pretty good, but I have had some crashes. Seems to be a conflict with TinyMCE's remove formatting feature and Firefox 2. When time allows, I'll have to see if anyone has mentioned the bug over at Mozilla.

Cheers, Bryan

#6 Wordpress and Akismet Conspiracy

Eric Gawaterr's picture
Submitted by Eric Gawaterr (not verified) on February 12, 2007 - 8:56pm.
I was excited when I installed my blog at my host and it came with a few plugins already installed. WP-Cache and Akismet. I was excited about Akismet because it seemed like it would do all the work for me catching all the spam comments. Mainly because my last blog was bombared daily and the useless Captcha code seemed to make it worse. Then I had to get a Wordpress API key. I wonder why. Hmm. Smells a little fishy to me. Wordpress.com is spying on us just like Myspace is. Eric

#7 API Key

Eric's picture
Submitted by Eric (not verified) on February 14, 2007 - 3:06pm.
I still cant get an API key. Anyway to speed up the process??

#8 Akismet API key not hard to get

Bryan's picture
Submitted by Bryan on February 14, 2007 - 5:28pm.
I don't recall it being that difficult or time consuming to get an API key.  Instructions as posted from Wordpress.org:

Setting Up Akismet

No biggie, just head over to WordPress.com (http://wordpress.com/) and log in to your account (or sign up (http://wordpress.com/signup/) for one if you don't have one already). Then head into your admin panel if you aren't there already.

Click on the My Account link in the top right corner of the window, and note the API key in the first paragraph under the heading. Now, go to your other site's Plugins > Akismet Configuration page in your admin panel. Then, enter your WordPress.com API key into the text box (copying and pasting is a good way), and click on the "Update API Key" button.

There you go, now you officially have Akismet up and protecting your blog from spam.

Good luck!

#9 Why doesn't CMS Report use akismet?

Sigurd Magnusson's picture
Submitted by Sigurd Magnusson (not verified) on February 23, 2007 - 4:44am.
I applaud Akismet for removing the need for captchas (and the variants like yours where you perform basic math, or Ajaxian's "What does the X is AJAX stand for") so I hope that this site upgrades to use it soon :) I think it's fantastic that Akismet have allowed such easy access for people to use their system, since Drupal is not the only cms with Akismet blog spam protection...

#10 Akismet + Captchas

Bryan's picture
Submitted by Bryan on February 23, 2007 - 9:59pm.
I've been waiting for someone to ask this question.  You ask a very good question and I'm happy to provide an answer!

Actually, I do use Akismet along with Captcha.  Originally, I only used Akismet and overall I found it does a great job of putting spam comment into moderation.  This is great news for the visiting the site to not have to see the garbage spammers leave behind, but as the moderator I found myself spending way too much time reviewing the comments in the moderation queue.  The problem...there is only so much spam comment a person can read before losing a little bit of his or her own sanity.  While I have the option to just deleting the comments identified as spam without reading them, I don't like the idea of deleting a false positives (legitimate comments wrongly identified as spam). 

What I have found is that captchas do a great job of preventing most spam comments that are generated automatically through bots so that they don't even reach the site's database.  Of course captchas don't prevent the human spammer or more sophisticated bots from sending a comment, but I'd estimate that only about 5% of the spam gets through captchas.  So I'm using Akismet to take a look at that remaining 5% and kicking suspected spam comments right into moderation.  With the combination of Captcha and Akismet I'm blocking more attack vectors than I could do alone with either.  Without Captcha and Akismet I likely would not be able to offer anonymous commenting...something I think is very important for the flow of discussion at this site.

#11 Don't delete spam, prevent it (as much as it possible)

Sigurd Magnusson, SilverStripe's picture
Submitted by Sigurd Magnusson, SilverStripe (not verified) on February 24, 2007 - 12:41am.
Instead of deleting the spam, tell the submitter that you think the post is spam. If you're a human then you will then tweak the content and resubmit. If you use AJAX to check for spam, then the user experience is still good. This means only a small fraction of people (the false positives) ever have to bother with an interactive spam prevention measure. Sure, it allows the occasional undiagnosed spam in (and I do know this happens), but it is occasional, as you said yourself. (And my opinion is that the occasional spam let in is better than the pain of a capcha, or moderation) Using AJAX to inform the user their post is spam is what we do with our ajax blog system (direct link to demo).

#12 "Akismet Spam Butcher"

tqm_z's picture
Submitted by tqm_z (not verified) on March 28, 2007 - 11:00am.
"Akismet Spam Butcher" project has been abandoned, meanwhile I have made similar MODs project, currently in BETA stages.

#13 To catch the last robot

orican@drupal.org's picture
Submitted by orican@drupal.org (not verified) on June 3, 2007 - 1:09am.
To catch the last robot bypassing your filter and even prevent paid human beeings from hacking spam into your premium site's comment sections (who knows), you should install the spam module. It contains a links treshold filter that will fit another 98% of the comments coming through. The rest will be catched by spam module's learning filter. Note the spam module makes use of a comment's links section. So this should be outputted in your comment template file, at least for comment administrators. I myself commented this out a while ago and it took me months to figure out how to mark a comment as spam... Another idea is to change the name of the captcha field from "edit[captcha_response]" to - say - "edit[i_love_squirrels]". I didn't test this, though. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - | don't buy World of Warcraft Gold, make'em. | - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

#14 cool

Anonymous's picture
Submitted by Anonymous (not verified) on July 1, 2007 - 2:47pm.
cool
Bryan's picture

About this CMS Enthusiast

Bryan Ruby is the owner and editor for CMS Report. He founded CMSReport.com in 2006 on the belief that information technologists, website owners, and web developers desired visiting sites where they could learn about content management systems without the sales pitch.

Outside of his late night blogging hours, he is the Information Technology Officer for a field office in the federal government. Away from the computer he enjoys his family, bicycling, camping, and the outdoors.