In light of the recent COVID-19 pandemic - OPTASY would like to offer DRUPAL website support for any Health Care, Government, Education and Non-Profit Organization(s) with critical crisis communication websites or organizations directly providing relief. Stay Safe and Stay Well.

7 Anti-Spam Drupal Modules to Spam-Proof Your Website With
Drupal

7 Anti-Spam Drupal Modules to Spam-Proof Your Website With

by Adrian Ababei on Jul 04 2017

When you say “SPAM” you say “facts of life”! The life of any Drupal site/app/blog owner or administrator out there! And aiming for a 100% spam-proofed website is as realistic as toiling hard to eradicate... social inequity for good. And yet, you can still cut it down to the very minimum thanks to this heavy weighting “offer” of anti-spam Drupal modules available to you!

Depending on the spam prevention Drupal approach that you'll supercharge your website with you'll be fighting spam via:

 

  • challenge-response interaction
  • real-time filtering
  • a “deadly” combo of the two approaches
  • more or less user intrusive methods (meaning featuring CAPTCHA or not)

     

And if the Mollom module for Drupal still is you site's old and familiar “shield” against spambots, you should know that the popular, non user-intrusive  spam filtering service will cease to exist as of 2 April 2018. 

Since no one knows how it's going to get configured after this date, whether it will continue to safeguard all sites or none, you'd better be open to alternatives.

Now to spare you of a time-consuming research, here are 7 anti-spam Drupal modules that our Toronto web development team has already hand picked for you! Scan them through, compare them and go for the one that best suits your site's anti-spam needs:

 

1. Honeypot

Honeypot is, by far, THE anti-spam module!

Basically, when they say or think of “spam prevention”, 99% of “Drupalists” out there say/think of the Honeypot module, of the Honeypot method (for yes, there's even an anti-spam “method” named after it).

So, you get the idea: in Drupal world spam-filtering means “honey-potting” in 9 out of ten cases!

“How does it work?”, you say? It fights back spambots on two fronts:

 

  1. It uses a simple, yet surprisingly effective little “trick”: it adds a hidden field precisely to those forms on your Drupal site that it spam-proofs. An easily configurable “bait field” named something like “website” or “URL”. Once that hidden field gets filled in, it's a sign that a spambot has taken the bait. Sneakily-clever and effective!
  2. It uses a timestamp (which, again, you get to configure to your liking, the default time being of 5 seconds). If a web form on your Drupal site gets filled in quicker than that specific timeframe that you've set, Honeypot will instantly block its submission. It will identify the “submitter” behind it as being a... spambot.

     

So simple, so effective and where do you add that Honeypot falls into that category of anti-spam Drupal modules that are 100% non intrusive. The ones that don't keep “bugging” your site's visitors with captcha tests to be solved in order to prove their humanity!

There's no user interaction involved, since Honeypot runs its “spambot-detecting” tests on the web forms directly!

Note: a con of this module is that those particular web forms on your Drupal site placed under Honeypot's anti-spam protection can't get cached! The module disables caching for these particular web forms.

 

2. http:BL

Now here's another spam blocking Drupal module worth your full attention!

Compared to Honeypot's own methods, the HTTP:BL's one is completely different: it blocks any requests coming from Ips included on a DNS blacklist! A blacklist put together by all the Drupal sites using this module for spam protection.

A sort of collective fight against spam, one that your own site will be involved in and “reap” the benefits of!

Note: the http:BL module can be installed on Drupal 7 websites only for the time being.

 

3. Captcha, One of The Reference Anti-Spam Drupal Modules

How could we have left out, from our list, precisely the module leveraging the “reference anti-spam method” itself: the CAPTCHA method?

It does precisely what its name says: it integrates CAPTCHA into your web forms! A challenge-response system meant to block any attempt of automated spam posting, based on “inconveniencing” the user to pass a given test (answering a question, solving a math problem etc.)

The module comes with its own default challenge-response tests, so it can be used as a standalone spam-blocking solution, and it can also be used as a base API for other anti-spam Drupal modules.

Notes:

 

  1. our Toronto digital agency's team strongly recommends you to go for the second scenario, to make it just part of an entire “ecosystem” of anti-spam solutions on your Drupal site. There have been quite a few cases when spambots did manage to solve these challenge-response tests.

     
  2. do keep in mind that captchas are always a deterrent for your users and can easily turn into a factor responsible for the low conversion rate on your Drupal site

     

4. reCaptcha

Take the CAPTCHA and the Re-Captcha modules as a “check and double check” spam-preventing method!

The ReCaptcha module goes even tougher on bots as it leverages the “squiggly words” method for blocking spam. Basically, words difficult to read by spambots get taken from old books and turned into captchas.

Note: a potential disadvantage of using this anti-spam Drupal module is that some users, too, might find it hard to recognize these “hard nut to crack”, less common words!

 

5. Antibot, One of the Anti-Spam Drupal Modules to Supercharge Your Site With

Here's another representative of the group of anti-spam Drupal modules that are totally unintrusive!

It uses its spam-preventing “superpower” like this: it practically assumes that bots are discouraged to spam pages using Javascript, therefore users enabling JavaScript in their browsers are, implicitly, spam-proofed by default.

For those cases where spambots do attempt to render precisely these “safe” JavascripT-based pages, the module will inspect your visitors' mouse movements and keyboard key presses in order to identify them as “humans” and to allow them to submit their filled in forms.

A pretty clever check-up if you come to think of it!

Note: one of the Antibot module's notable features is that, unlike other anti-spam Drupal modules, it doesn't disable cache on the web forms that it protects. A performance-enhancer you just can't overlook!

 

6. Botcha

Take the Botcha module as an all-in-one spam-blocking solution for websites running on Drupal! And where do you add that it doesn't involve any user interaction (and therefore “user bugging”) either!

There are 3 methods that this module uses for detecting and blocking spammy form submissions:

 

  1. the honeypot method: it adds that hidden, “spambots luring” field to the protected web forms on your website
  2. the source calculation-based method
  3. the time-based method

     

And there's more! Once enabled, this module will also prevent any attempts of resubmitting the same form by using its own “NoResubmit” formula.

Note: the only downside is that there's no Drupal 8 version of the module. Not just yet!

 

7. Simple Anti-Spam        

This module's main “role”, in its mission to prevent spam posting processes, is to block automatic spam coming from anonymous users.

And its name says it all; it's a simple “two-ingredient recipe” that it relies on for blocking spam:

 

  1. there's an “I'm not a spammer” checkbox
  2. and there's an “I'm a spammer” hidden checkbox

     

Once the later gets checked or the former is left unchecked, it will just “warn” the module of a “suspicions activity” on your Drupal site. It's then that Simple Anti-Spam displays a warning message or simply blocks that specific form from being submitted to your Drupal site.

Moreover, from:

 

  • blocking web forms by maximum text length
  • blocking them by stop words
  • to blocking form by number of links
  • and the list can go on

     

...the Simple Anti-Spam module is one of those anti-spam Drupal modules that can report a form as being “suspicious” (automatically blocking it, too) based on a whole array of criteria.

Note: there's yet no Drupal 8 version!

 

Your turn now! What other approaches have you adopted on your Drupal site for... pulling the plug on any type of spam activity? 

Development

We do Web development

Go to our Web development page!

Visit page!

Recommended Stories

DrupalDrupal 8
Is Drupal Good for eCommerce? 11 Excellent Reasons Why You’d Choose It over Another Platform

Is Drupal Good for eCommerce? 11 Excellent Reasons Why You’d Choose It over Another Platform

"... wanna run eCommerce on Drupal 8 but don't know if it's a good idea." But is Drupal good for eCommerce?  And, most of all: Is it better suited for your own online business needs and feature requirements than other eCommerce platforms out there? Some legitimate questions you're struggling with there… To give you a hand, here's a list of 11 excellent reasons why you'd lean towards Drupal for your next eCommerce project. Reason #1: You're in Full Control of the Source Code to Make Any Changes You Want In other words, you don't need to convince vendor first that the changes you need to make are beneficial for him/her. You're free to extend Drupal eCommerce platform's core functionality, to adapt, and extend its code till it meets your needs entirely.  … till it integrates perfectly into that specific software that you use. Which is not the case when you go for a commercial solution: you're not granted access to the core code for any custom software development work that you might need to make. Of course, this "reason" becomes a really strong selling point only if/when: you have non-standard business requirements it's a large, complex eCommerce website that you're building Reason #2: Your eStore Grows With Drupal  Drupal scales with your business... effectively. And by that I mean that it's designed to keep the resources and the time required to handle your online store's growth at a minimum. Being: flexible by nature (its open source nature) powered by the API-first initiative … the Drupal 8 eCommerce platform makes the best choice if "scalability" is on top of your list of requirements. Reason #3: You Get to Reach Out to Your Customers Across Multiple Channels  "Is Drupal good for eCommerce?" It becomes the perfect option for your own eCommerce website if you're planning to reach out to your customers across an entire network of sales channels. Let's say you have your main/central eCommerce website and you need to pull content from there and to distribute it across a whole ecosystem of channels — eCommerce apps, digital kiosks, conversational interfaces — and devices. Then, the API-first initiative allows you to tap into a headless commerce Drupal architecture and: use Drupal as a back-end content repository configure your content to fit all types of formats and reuse it whenever (and wherever) needed increase your outreach incorporate business automation into your development team's workflow: help them work smart and achieve more Reason #4: You Get to Deliver Content-Driven eCommerce Experiences With Drupal, you get the best of both worlds: an eCommerce platform (by integrating one of its specialized eCommerce modules into the content management system) a content platform And this is what makes it ideal for: tapping into the experience-led eCommerce model getting the most out of your content marketing efforts (think blog posts, effectively interconnected product pages, user guides, etc.) Reason #5: You're Free to Integrate Any Third-Party Service into Your Online Store From: marketing platforms to analytics services to payment gateways of your choice (there are 80+ payment options available with Drupal Commerce) to third-party add-ons that would automate your team's tasks and boost their productivity (while boosting online sales, as well) … Drupal & its eCommerce component accommodates any type of integrations you need to make. Reason #6: "Is Drupal Good for eCommerce?" It Is for Delivering High-Speed eCommerce Experiences Just think… real-time shopping cart updates.  Or pretty much any action that your customers would need to carry out on your eCommerce site, then turbocharge it with top speed. A decoupled Drupal Commerce setup (add the JavaScript framework of your choice here) enables you to deliver such type of dynamic user experiences.  Reason #7: You Have No Limits to How Much You Can Extend Your Drupal 8 eCommerce Website Drupal Commerce can grow as much as your business needs. Whether you need to integrate: a whole network of third-party systems a whole lot of contributed modules an eCommerce Drupal distribution (a bundle of multiple modules) a Drupal eCommerce theme  … and extend your eCommerce store's functionality, there's no limit to what you can incorporate into your Drupal eCommerce website. Reason #9:  You Benefit from an Extremely Configurable eCommerce Solution "Whereas eCommerce solutions are often developed with an application mindset, highlighting what you can do with it out of the box, Drupal Commerce was developed with a framework mindset, focusing on what you can build with it." (Source: Drupal.org) Basically, you're free to customize every little piece of your Drupal 8 eCommerce site, till it: delivers that unique shopping experience you want it to meets all your ultra-personalized requirements: to trigger certain actions based on user input, to display multiple tax rates, to have an out-of-the-ordinary checkout flow, etc. Here, it's up to you and it depends on what you need to build: Are you looking for a cookie-cutter eCommerce solution, that would help you get a generic webshop up and running in no time? Or do you want unlimited customization freedom, that comes at the cost of…  investing more time in writing custom code? Reason #10: You're Free to Sell Both Physical and Digital Goods And that thanks to Drupal Commerce's flexibility: It provides you with the functionality you need to start selling your digital products — subscriptions, tickets, online courses, etc. — on your online store. A key aspect to consider when comparing the features of your best options in terms of eCommerce platforms in 2020. Reason #11: You Can Make the Most of the Granular and Differential Access to Content Drupal allows you to define different roles for your team members and to assign several levels of permission to each role. Not everyone would then be authorized to edit content, add products, manage orders, publish content, etc. This way you get to: set up a convenient hierarchy harden your online store's security  So, Is Drupal Good for eCommerce? Maybe a more appropriate question would be: "Is Drupal the right solution for my eCommerce business?"  It might be... And these 11 reasons mentioned here do become the best arguments for you to choose it over another platform (Ubercart, Prestashop, Shopify…) if: it's a growing or an already established eCommerce business that you run (otherwise, all that configuration and custom work might be an overkill for a small business) you have complex feature needs for your online store: you need to integrate it with coupon rules, several backend systems, and so on Do you fit the eCommerce business owner "profile"? For we do fit the profile of that Drupal eCommerce agency you're looking for, capable to tweak it till it fits your complex requirements to the slightest detail. Just challenge us!   Image by StockSnap from Pixabay  ... Read more
Adriana Cacoveanu / Sep 30'2020
DrupalDrupal 8Tips
10 Best Headless CMS in 2020, That Cover Most of Your Requirements (Part 2)

10 Best Headless CMS in 2020, That Cover Most of Your Requirements (Part 2)

Ready to compare the features of 5 other best headless CMS in 2020? We've got them ready for you to just dive in and: survey the key reasons why you'd choose one over the other discover each one's main use cases narrow down your options … and pick the one that matches your requirements. What Is the Best Headless CMS in 2020? 5.6. Directus An open source tool for managing and delivering content across an entire network of platforms and devices. And here are some of the top reasons for choosing Directus: it provides your editorial team with an easy to use admin app for managing content it can be in the cloud or self-hosted it provides API for your development team to fetch content 5.7. Netlify CMS  One of your top 10 headless CMS options, an open source one, that you get to add to any static site generator of your choice. A React single-page application that provides you with an easy to use UI, playing the role of a… wrapper for your Git Workflow. Basically, when using Netlify CMS your content gets stored in your web app's git repository (as markdown files), close to your codebase.   "How does a Netlify CMS Gatsby setup work?"   It's pretty straightforward: You enter your content via that user-friendly interface, then Gatsby uses it to come up with the right pages for your web app. Why would you use it? it fits both large and small-sized projects, with fewer pages to create, to add content to, to edit, and to manage you get to review/preview your content and make changes in real-time, and even control entries status in editorial workflow mode it provides you with an easy-to-use UI, with just 3 tabs: workflow, media, and content you're free to use it with any static site generator you get to extend its functionality: add your own UI widgets, editor plugins, customized previews, etc. 5.8. GraphCMS     An API-first content management system, a GraphQL-native one, that allows you to distribute content across multiple digital platforms. And not just anyhow, but… within minutes. Your developer team gets to create content APIs in no time, whereas your content team gets all the tools they need for a smooth editor experience.   Source: capterra.com GraphCMS vs Contentful: Main Differences GraphCMS works best for enterprise and mid-market companies, enabling them to build highly scalable applications GraphQL is its underlying technology: an open source query language for APIs, that's been growing more and more popular among developers Contentful targets top global brands, helping them distribute digital content experiences across complex networks of markets and channels REST is its underlying technology: a programming paradigm for distributed systems And here are 2 good reasons for choosing GraphCMS as your go-to headless content management system:  you get a CMS that's client-side and JAMstack compatible you get to tap into the benefits of a JAMstack approach to development (JavaScript & Markup & API) 5.9. Cosmic A cloud-hosted headless content management system that provides you with both GraphQL and REST APIs. But what makes Cosmic one of the best headless CMS in 2020? Why choose the Cosmic Headless CMS?  it ships with features like content modeling, media management, localization, and webhooks it grants you a smooth editor experience with its WYSIWYG  editor, that you can use to incorporate (by embedding code) third-party services like Typeform and GitHub. it integrates smoothly with AWS, Slack, Algolia, Stripe, HubSpot 5.10. Kentico Kontent A cloud-based content delivery API that turns your structured content into content that's easy to be "consumed" by any device or digital platform that you might use as a front-end delivery layer.  Why would you choose it over other great options of headless CMS? you get an AI chatbot when using Kentico Kontent it provides webhooks and custom elements that make third-party integrations a lot smoother you get content management API enabling content consumption And we've come to… the END of the list of 10 best headless CMS in 2020. Which one checks the most features off your list? Now, if you're facing a "Headless Drupal 8 vs Contentful" dilemma, we're here to: help you identify the one that works best for your business and your requirements make your headless CMS-based project work Just drop us a line!   Image by tdfugere from Pixabay   ... Read more
Adriana Cacoveanu / Sep 26'2020
DrupalDrupal 8JavascriptTips
10 Best Headless CMS in 2020, That Cover Most of Your Requirements (Part 1)

10 Best Headless CMS in 2020, That Cover Most of Your Requirements (Part 1)

Overwhelmed with options? Are you building your first (e-commerce) headless CMS and you don't know what headless CMS platform to choose?  What are the best headless CMS in 2020, so you can at least narrow down your choices and start... somewhere? Which system matches most of your feature requirements? Here's a top 10: 1. But First: What Is a Headless CMS, More Precisely? Relax, I won't bore you with too many details — we already have an in-depth post on the differences between headless and traditional CMS. So, if we were to sum up the concept in just a few words, we could say that: A headless content management system is an architecture where content is separated from the presentation layer (the client-side front-end). Meaning that you get to create, store, and edit "raw" content (with no design or layout) in the backend and deliver it wherever needed —wearable, mobile app, website — via API. In short, what you get in a headless architecture is: a database to store your content in a dashboard for editing your content Source: Zesty.io As for the "head" that serves your content to the end-user : you're free to build your own front-end, from the ground up … and even multiple front-ends, if needed, that will all use calls from the API to retrieve and display content 2. … Then What's a Decoupled CMS? Headless CMS vs decoupled CMS: what's the difference? And why headless over decoupled? The role that the API plays… That's what makes the difference (and why you'd want to go for a headless approach): If, in a decoupled architecture, the API plays the role of an intermediary between back-end and front end, in a headless architecture the API can be used by any of the front-end portions for pulling data. In other words, a decoupled CMS does come with a built-in front-end delivery layer, that you can rely on, but a headless approach is an API-driven content repository. Which gives you more flexibility for delivering content to any type of display layer. … to multiple "heads". You're free to distribute it wherever it needs to get displayed. 3. Why Choose a Headless CMS? Top 9 Benefits Before I "divulge" the best headless CMS in 2020 to you, here's a shortlist of the key advantages of using a headless CMS software: you get to engage your customers with personalized content across an entire network of digital channels, at different stages in their journey you can deliver richer digital experience, tailored to each channel you gain platform independence you're free to choose your technology of choice you benefit from cross-platform support you get to manage your content from a central location and distribute it to multiple platforms/IoT-connected devices, in a universal format you're free to manage all your platforms from one interface your development team gets to choose the development framework of their choice, integrate new technologies and, overall… innovate you're free to redesign as often as you need to, without the dread of re-implementing your entire CMS from the ground up     4. … And When Should You Use It? 5 Best Use Cases  How do you know for sure that you need to adopt this approach? You know it because your scenario describes one of the following use cases for headless CMS: you're building a site using a technology you're familiar with you're building a website with a static site generator you're building a JS-based website or web app you're building a native mobile app you're building an e-commerce site and you know that the commerce platform you're using won't… cut the mustard as a CMS; or you need to enrich product info in your online store 5. What Are the Best Headless CMS in 2020? Top 10 "Which CMS should I use?" you wonder. "The one that meets most of your requirements…" So, you should start by pinning them down. What features are you looking for in a CMS? Maybe you need a system that should: be straightforward and easy to use for the marketers/non-technical people in your team be built on… Node be highly customizable and editable for your content team to be able to change overlay text, logo, background video/image be simple to set up integrate easily with Gatsby support multi-site setups not be tied up to (just) one specific database provide ease of content entry and rich-text support provide a granular permission system provide native support for content types What are the features that your project couldn't live without? Now, with that list of "mandatory" features at hand, just drill down through your top headless CMS options in 2020. Here they are: 5.1. Storyblok A purely headless CMS that ships with a visual editor, as well. Why would you go for Storyblok? What makes it one of the best headless CMS in 2020? it provides the experience of a page builder for all those non-technical users in your team: editors get to manage content via a more user-friendly interface it grants your developers easy access to the APIs they need 5.2. Prismic Its major selling point? It allows you to choose your own language, framework, technology… And these are the 3 good reasons to go with Prismic as your headless CMS: it allows you to model your content schema and to add your content you're free to choose whatever framework that meets your feature needs: React, Vue, Next, Nuxt, Node, Gatsby… you're free to choose either GraphQL or RESTful API to query content 5.3. Drupal 8 Headless CMS   Another great option is to exploit Drupal's headless capabilities and pair them with the JavaScript framework of your choice. Here are some of the best reasons why you'd use a Drupal 8 API-first architecture: Drupal's a mature and enterprise-level headless solution backed by a wide community, used by more than 1 million sites globally; you get to tap into its massive module collection and even create new custom ones to extend your website's functionality its JSON:API follows the JSON:API specification; developers in your team can start using the API even if they're not experts in working with Drupal you get to load your GraphQl schemas straight from your Drupal content repository; there's a specialized module for this: the GraphQL module you get to use all of  Drupal's famed features (granular access to content, processes, workflows, modules, etc.) right away; you get them out-of-the-box since the REST API is… rooted deep into Drupal 5.4. Strapi, One of the Best headless CMS for Gatsby. It's an open-source Node.js headless CMS, a "host it yourself" one, that allows you to build Node.js apps in… minutes. Why would you use it? because it generates available RESTful API or uses GraphQL shortly after installation, making data available via customizable API because it allows your developers to invest all their resources in writing reusable app logic (instead of having to use some of that time to build an infrastructure) because it's fully JavaScript because it supports plugins that extend the platform's functionality because it's open-source: you'll find the entire codebase on GitHub  5.5. Contentful  Looking for a platform-agnostic solution? A… content delivery network that would enable your development team to manage and distribute (and reuse) content to multiple channels? Then this is the API-driven headless CMS you're looking for. Here are 6 other reasons why you'd want to put Contentful on your shortlist: consistent APIs easy to set up you're free to create your own models easy to use: ships with a robust, non-technical, user-friendly UI you get to add custom plugins quick and easy you get to set your own schemas to get displayed the way you want them to, across different apps Good to know! There's even a Shopify extension available. What it does is connect your online store to your content, stored in Contentful. And if you'll need help with building, fine-tuning, and integrating your content hub, we're ready to tweak Contentful to your needs.  END of Part 1! Stay tuned, for there are 5 more candidates for the title of "the best headless CMS in 2020" waiting in line.  Image by Couleur from Pixabay ... Read more
Adriana Cacoveanu / Sep 25'2020

Need a new Project?

Dare us to shape and boost your idea(s)!

Start a Project

(416) 243-2431

Contact

(416) 243-2431

Toronto Downtown

First Canadian Place,
100 King St. W. Suite 5700, Toronto

Toronto West

2275 Upper Middle
Rd. E, Suite 101
Toronto

New York

1177 Avenue of the
Americas, 5th Floor,
New York