Spam Defense Network

Wuinfo Drupal Drop
Spam is a big headache for many website owners. Using the Drupal impression module, I saw the relentlessness of the spammer bots. Every day, for a single site, I got thousands of hit from URLs like "/?q=user/register" and "/?q=node/add". I have someone commented on my LinkedIn update of my blog post Is there more computer bots than us?. She is "on the verge of giving up on Drupal after being unable to solve this problem". How do we address this issue and solve the problem? I know this is not the issue for one CMS like Drupal, but, it provides some mandate for us to do something. Build something for Drupal and usable by other CMS like Wordpress and Joomla.

I have a bold idea of blocking spam efficiently without taking a toll on the performance of every website. Let's set up a websites spam defence network. A network based on a global spam IP database. Each website is a node of the defence network. It provides spamming IP query as a web service.

The idea is to have a distributed but well-controlled spam IP servers. All participated website acting as a node in the network and capture spamming IP and report it. Web sites are connected and talk to each other and form a defendant line in front of spammers. The network will quarantine the spammer IP for 45 minutes or more depending on how active the spamming activity. The IP will get off the list after the quarantine time ended.

Web sites that join the network will have faster responding website by freeing up the resource taken by spamming activity. We will have a cleaner internet by eliminating the fake users, spamming comments and contents.

Technical wise, we use the open source solution. We can build distributed spam IP database like git repository. We use composer repository, so, all PHP based CMS websites can easily join the network.

Comments

(Part of) your network allready exists. See project httpbl. I created a suite of modules that block bots with several techniques (online and in batch) over all my 50 Drupal sites where every cron run a local central database is updated with the newly found bad IP-addresses and results distributed to all sites. A new customer (with an existing Drupal site) asked after a month how I was able to block all those spammers that filled daily all forms on the site.

Good to know it. Thanks Promes

Has project honeypot been sufficient to manage form submission or are the strictest settings to lax to achieve a decent outcome?

Add new comment

Target Image