One thing every website has to contend with eventually will be stopping spammers from making your user’s life a misery by constantly posting content or creating loads of work which you need to clean up. I wanted to go through some of the options you have to help make this a lot easier and how to save yourself a lot of time and hassle in the long run.
Captcha options in ocPortal
One of the key components in stopping spammers is to make use of the Capcha settings built in to ocPortal. In most cases the ocPortal Captcha which is made from CSS and is difficult for bots to break through should be turned on by default. To check or to turn this option on you can find the options in the Security options section. To find this section log in to your adminzone. Go to the set up section and choose Configuration. The security options page can be found linked here. The enable Captcha option is in the second section down.
If the option is not enabled you should enable it now to make the Captcha images made using CSS and harder to crack. To make sure the Captcha is turned on you can find the “Use security images (CAPTCHA)” option in the first section on this page. There is one further option in this section directly related to the Captcha and that is whether users are only allowed one attempt for each CAPTCHA before it is replaced with a new image.
There are two more options related to CAPTCHA which can be found in the Site options section which can again be found in the Configuration area of your adminzone. Both are in the last section of the page which is titled Advanced.
In this section you can turn on extra noise on the Captcha forms. Adding noise makes it more difficult for spammers but makes the Captcha forms more difficult to read. Just below this option is the option to turn on a CAPTCHA for feedback forms. I usually turn this on as it helps stop you getting more spam in this area.
More Anti Spammer options
There is also support for http://www.stopforumspam.com/, http://dnsbl.tornevall.org/ and http://www.projecthoneypot.org/account_login.php all of which can help in the constant battle against spammers.
Creating an entry level user
Another option you have is to create a Usergroup which requires all of their actions to be validated by a moderator before they appear on site. The benefit of this is it should stop your users from seeing any spam whatsoever on your site. On the flip side it creates more work for you and your moderators who will need to validate far more content.
If you do decide to create an entry level user group which will need posts validating before they can progress to a level where they won’t need posts validating and you are still running a version 9.0.11 or earlier. You will need to run the following Hotfix: https://github.com/chrisgraham/ocPortal/commit/d1ae01c . If you are using version 9.0.12 or later you won’t need to do this.
This hotfix changes when points are awarded to when a post is validated instead of the existing when a post is made.