A simple spam filter for sNews CMS

by on

April, what a month this has been thus far, I'm finally done with jury duty after 2 weeks! I've been so busy with that and trying to stay on top of my other work, that I haven't had hardly a minute to enjoy myself or work on any of my sNews projects, until today that is.

Recently I mentioned I was working on a function to filter out all that garbage link spam, well, I have had a basic version running on my sNews site here for a while, so I've cleaned it up and am releasing it here for public use.

What does this function do? Well, two things right now... when you pass a comment to it, it will;

  • Check for linkspam, if someone has tried to insert more than 2 links, it will flag it as possible spam.
  • Check for clusters of consonants, i.e. "garbage words". This is sort of English-language centric, but all the sNews spam I've seen is English, so I think it should work well for others as it's working wonderful for me thus far.

This function doesn't modify the comments in any way, rather it identifies if it is possibly spam and allows you to send that comment to moderation while allowing others to post directly. By no means a foolproof method, but in conjunction with my image / match hybrid captcha mod, it can severely limit the impact of bot spam on your sNews install.

This means spam like this one will be sent straight to moderation;

motORE izkpclcuguab, [url=http://krjyaebubfcw.com/]krjyaebubfcw[/url], [link=http://babukwwpyzwx.com/]babukwwpyzwx[/link], http://tpgdyvvxhdqf.com/

If you get spam like that and want to stop having it posted right away, try this out.

1. To get started, as usual, BACK-UP your snews.php file and work off a copy, now insert the new function mayBeSpam at the end of your snews.php file above the closing php tag; 

function mayBeSpam($comment) {
    if (_ADMIN) { // user is the admin, not spam
        return false; 
    }
    if (preg_match_all('/((http)+(s)?:(\/\/)|(www\.))/i',$comment,$matches) > '2') { // more than 2 links inserted, likely spam
        return true;
    }
    if (preg_match_all('/[bcdfghjklmnpqrstvwxz]{5,}/i',$comment,$matches) > '0') { // big consonant clusters indicate likely garbage words
        return true;
    } 
}

2. Now find the function comment and within it, find the following line and add the highlighted code below it;

$approved = s('approve_comments') != 'on'|| _ADMIN ? 'True' : '';
if (mayBeSpam($comment) == 'true') {
    $approved = '';
    $send_to_moderation = '1';
}

3. Still within the function comment, find the following line;

$commentStatus = s('approve_comments') == 'on' && !_ADMIN ? l('comment_sent_approve') : l('comment_sent');

and change it to;

$commentStatus = (s('approve_comments') == 'on' || $send_to_moderation === '1') && !_ADMIN ? l('comment_sent_approve') : l('comment_sent');

4. Now find the bit containing the comment email notification and modify the second line to reflect the highlighted changes below;

if (s('mail_on_comments') == 'on' && !_ADMIN) {
    if (s('approve_comments') == 'on' || $send_to_moderation == '1') {

That's it, now upload your modified snews.php file and if you allow comments without moderation, it will automatically send comments with 2 or more links or the "garbage words" to the moderation queue.

As of right now, the spam check function is very basic, but the reason I wrapped it in a separate function is so anyone can extend it by adding their own checks in there, i.e. if you get a lot of spam comments containing the words "viagra" or "credit report", you can add a check to send comments containing a threshold of those keywords to moderation instead of directly posting them.

Share or Bookmark This Post:

Comments

RSS Comments Feed

sasha's Avatar

sasha

I have jury duty last year first time in my life .. duty is duty ..two weeks you stayed? Man that is long time...? What happend?
Matt's Avatar

Matt

Well, here in Massachusetts it's either 1 trial or 1 day, I just got unlucky and got picked to sit on a jury on a trial that ended up taking 2 weeks.

This is the 3rd or 4th time I've been called, but the first time I've been picked.
Sven - Philippe's Avatar

Sven - Philippe

Thanks a lot Matt. It's working great.
sasha's Avatar

sasha

Sory Matt your comment and my got delited buy Joost from forum....Now i m going to be back on snews forum more then ever..I just waiting to buy me new pc and we going to Rock forum and snews :)...One more time sory Joost delieted all post and i just want to say final hello to my friends..That is not right...Life goes on ..All see you in forum he cant ban me from forum ....I like your site and i like your MODs...I wisit your site couple times in week...Keep up great work Matt....
Poppoll's Avatar

Poppoll

Thanks Matt.
Added and working great.
Poppoll
sasha's Avatar

sasha

Hi Matt!!! Hey can you make MOD for email form to be independent from core file..Let says i want to use email form on my front page and i use code and email is show up on front page...I want to see email form totally controlled by user not by snews....I hope this help and i think this is big flaws for snews....thx
Matt's Avatar

Matt

Hi Sasha,

You shouldn't really need a mod for that, you could probably just copy the form code from the contact page and edit it the way you like, then place it anywhere you like, because when sNews detects the $_POST['contactform'] variable it runs through the function at that point.




(optional, not publicly displayed)


(optional)

Subscribe

RSS Feed

Archives

More from the archives →

Powered by HTML5

HTML5 Powered with CSS3 / Styling, Multimedia, and Semantics