Google recently posted a blog with some tips on how to keep user/bot generated SPAM from ending up on your website. I’ve italicized user/bot because I don’t want you to get your SPAM confused… We’ve written about Google Analytics SPAM numerous times. This stuff is a little different, though it can be related.
Protecting your website from user generated SPAM is important because it can cause serious issues with your website in the eyes of Google. SPAM can be a source for malware or injected links. It can even go as far to result in your website being hijacked completely. Google doesn’t want to show a malicious website (or potentially malicious) to any of its beloved users, so act accordingly!
The major source for user generated SPAM on a Law Firm website is your blog comments. If you aren’t already, you should enable email notifications whenever someone comments on one of your blogs. This way you can act quickly.
Here are the tips from Anouar Bendahou, Search Quality Strategist at Google, to fight this type of SPAM (I’ve bolded my favorites):
- Keep your forum software updated and patched. Take the time to keep your software up-to-date and pay special attention to important security updates. Spammers take advantage of security issues in older versions of blogs, bulletin boards, and other content management systems.
- Add a CAPTCHA. CAPTCHAsrequire users to confirm that they are not robots in order to prove they’re a human being and not an automated script. One way to do this is to use a service like reCAPTCHA, Securimage and Jcaptcha .
- Block suspicious behavior.Many forums allow you to set time limits between posts, and you can often find plugins to look for excessive traffic from individual IP addresses or proxies and other activity more common to bots than human beings. For example, phpBB, Simple Machines, myBB, and many other forum platforms enable such configurations.
- Check your forum’s top posters on a daily basis. If a user joined recently and has an excessive amount of posts, then you probably should review their profile and make sure that their posts and threads are not spammy.
- Consider disabling some types of comments. For example, It’s a good practice to close some very old forum threads that are unlikely to get legitimate replies. If you plan on not monitoring your forum going forward and users are no longer interacting with it, turning off posting completely may prevent spammers from abusing it.
- Make good use of moderation capabilities. Consider enabling features in moderation that require users to have a certain reputation before links can be posted or where comments with links require moderation. If possible, change your settings so that you disallow anonymous posting and make posts from new users require approval before they’re publicly visible.Moderators, together with your friends/colleagues and some other trusted users can help you review and approve posts while spreading the workload. Keep an eye on your forum’s new users by looking on their posts and activities on your forum.
- Consider blacklisting obviously spammy terms. Block obviously inappropriate comments with a blacklist of spammy terms (e.g. Illegal streaming or pharma related terms) . Add inappropriate and off-topic terms that are only used by spammers, learn from the spam posts that you often see on your forum or other forums. Built-in features or plugins can delete or mark comments as spam for you.
- Use the “nofollow” attribute for links in the comment field. This will deter spammers from targeting your site. By default, many blogging sites (such as Blogger) automatically add this attribute to any posted comments.
- Use automated systems to defend your site. Comprehensive systems like Akismet, which has plugins for many blogs and forum systemsare easy to install and do most of the work for you.