Skip to Content

Prevent Content and Comment Spam With the Akismet Module

bryght.com > Support HQ > Bryght Admin Guide > How To's > Prevent Content and Comment Spam With the Akismet Module
Posted January 24th, 2007 by Richard Eriksson

The Akismet module communicates with the Akismet.com server to determine whether content (nodes) and comments submitted to your site are spam, or machine generated text designed to increase their ranking in search engines (and annoy site administrators). The module also has an option to help prevent against spambots (computers on the Internet identified as spammers) and denial of service attacks (when several computers gang up on a website with the intention of bringing the site down).

Sign Up for a WordPress.com API Key

The Akismet module requires a WordPress API key, which you can generate through http://wordpress.com/api-keys/ Follow the instructions there and you will receive your key via email. If you already have a WordPress.com account, you can get your API key:

  1. log into your account
  2. go to the Dashboard
  3. click on "My Profile" link in the top right corner

Note that the API key listed here does not include the dot.

Configuring the Akismet Module

Click Administer » Site configuration » Akismet. To get settings for "Comment Options", you will need to enable the Comments module in Administer » Site building » Modules.

Filtering Out Content (Node) Spam

Though generally used to prevent anonymous (or not logged in) users from posting spam, you can also enable Akismet checking for node types. This is only useful when you allow anonymous contributions, since requiring users to signup for accounts is usually a high enough barrier to entry to keep spammers out.

There are three options for filtering content spam:

  • Choose which content types get checked. "Check for spam in these node types:"
    • For content types accessible by trusted users, it's generally recommended to disable filtering on that type.
    • We recommend filtering only content that anonymous users can submit. If registered users can only submit content, that usually constitutes a high enough barrier.
  • Show publish/unpublish links: will only show below items. This allows administrators to quickly publish or unpublish without telling Akismet.com any information. See below.
  • Show submit spam/submit ham links: will only show below items. These allow administrators to tell Akismet.com that they missed spam or that it incorrectly flagged something as spam. See below.

Quickly Publishing or Unpublishing Content or Comments

If a user has the "moderate spam in nodes" for specific content types, or the "administer nodes" permission, and publish/unpublish links are enabled, below each post that user will see one of two links. They will not communicate to the Akismet.com server any information about the comment or content.

Quickly Flagging Comments or Content as Spam

Sometimes Akismet misses content or comments that should be flagged as spam. The module allows users to teach Akismet.com what constitutes spam and what constitutes legitimate content. If a user has the "moderate spam in nodes" for specific content types, or the "administer nodes" permission, and publish/unpublish links are enabled, below each post that user will see one of two links:

  • submit spam: shown if content or comment has not been identified by Akismet as spam. Clicking this link will set the content or comment to unpublished (not visible by anybody except administrators), and will send a message to the Akismet.com server that the content or comment is spam
  • submit ham: if the content was identified by Akismet as spam, clicking this link will tell the Akismet server that this is a legitimate content item or comment.

Resetting the Akismet Counter

The module keeps an internal count of how much content or how many comments were flagged as spam. You can reset the counter, or start it off at another number, and change when the counter starts incrementing.

Spambot Protection

The Akismet module provides some protection against spambots. Those are servers on the Internet designed to visit a site and a) determine whether the site can be spammed and b) spam the site. The Akismet module can check the IP address that is trying to access your site and run it against Akismet.com's database. If the module finds a match against either the IP address, email address, or content already defined as spam, it can send one of 4 responses:

  • delay a response
  • HTTP error 503 (Service Unavailable), showing a simple blank page.
  • HTTP error 403 (Forbidden), showing a simple blank page.
  • HTTP error 403 (Forbidden), showing a Drupal generated page.
‹ Personal Contact FormsupRedirect Your Feed to Google's FeedBurner Service ›