Once your Drupal website is running you instantly get excited when those first comments come in.   All too often that excitement turns to disappointment when you realize the comments are nothing more than blog spam.  Spam sucks in email and it is the same pain when it comes to your blog.

Anyplace where you have a form is a place for spam -  Comments on blog posts, contact me forms, customer service forms and even occasionally on order pages.  Spam is the the bane of blog administration - but it is something that you have to manage.

There are several ways to try and block spam.

Anti-Spam Filters -  The easiest way and one that frequently will block the overwhelming majority of spam is to install an anti-spam module.  There are several modules to consider:

Spam - This module provides numerous tools to auto-detect and deal with spam content that is posted to your site. Spam can be automatically unpublished and/or deleted.  This module was written specifically for Drupal.  This module can be used with the basic defaults, but it also has advanced functions like allowing for the creation of custom filters where you can target known spam.
 Akisment - This modules takes a spam filter originally built for WordPress and extends it to Drupal.  It works fine and is extremely easy to use - but long term support for this module is questionable.
Mollum - This module is the a relative newcomer in the Drupal world but has quickly gained a following. Mollum is very comprehensive as it tries to block spam on comment forms, contact forms, registration pages and password pages.

You can actually use more than one filter and many users make use of two filters.  However, you really only need to do that if you are still getting spam after installing one of these filters.

CAPTCHA Forms -  CAPTCHA is a type of challenge-response test used in computing to ensure that the response is not generated by a computer. The process usually involves your site asking a user to complete a simple test which the computer is able to generate and grade. Because other computers are unable to solve the CAPTCHA, any user entering a correct solution is presumed to be human.

While this approach is effective it also annoys many users.  Most sites will report a decrease in comments and registrations after installing CAPTCHA.   There are a number of Drupal modules that will provide this service. However, you should carefully consider how annoying the spam is and the impact on visitors before implementing this solution.

Filter Users -  You can create filters and limit who has permissions to post.  This is fine if you have a closed universe for participation and you were planning to setup accounts for all these people.  Otherwise this can be very limiting to the potential for you blog / website.

 Advanced users might try to block proxy servers as 99% of traffic via proxy servers are related to spam. 

RewriteEngine on
RewriteCond %{HTTP:VIA} !^$ [OR]
RewriteCond %{HTTP:FORWARDED} !^$ [OR]
RewriteCond %{HTTP:USERAGENT_VIA} !^$ [OR]
RewriteCond %{HTTP:X_FORWARDED_FOR} !^$ [OR]
RewriteCond %{HTTP:PROXY_CONNECTION} !^$ [OR]
RewriteCond %{HTTP:XPROXY_CONNECTION} !^$ [OR]
RewriteCond %{HTTP:HTTP_PC_REMOTE_ADDR} !^$ [OR]
RewriteCond %{HTTP:HTTP_CLIENT_IP} !^$
RewriteRule ^(.*)$ - [F]

To use this code, copy & paste these lines into your site’s root .htaccess file.

Spam is a double edged sword.  It is a pain, but looking for the silver lining  when you start to get spam that also means you are being found in the search engines and people are aware of your site!

Related posts:

1. Drupal and AdSense - Maximize Your Ad Revenues
2. 5 Drupal Modules You Must Install
3. Speed Up Your Drupal Installation
4. 5 Drupal Settings for New Installs
5. FREE CW2 Buoyant Drupal Theme