Event Mod Invites & Blog Mod Spam

Hi Everyone:

I wanted to ask a couple questions concerning the Event and Blog Modules.

Regarding the Events module, it only sends invites to emails on file for an event. I'd really like for invites to be sent to member's inbox, within my site, as well. Is there a way to set the module for this? Or does this require coding?

Secondly, I've been experiencing a lot of spam with the blog module. Most of the time, it includes HTML code placed in the editor that breaks up my site template. I've considered adding a Captcha to address this issue. Can anyone provide some insight on how to execute this? I'm open to other options too if anyone has suggestions on a possibly better solution. 

Thanks in advance!

The Premium Events module has functionality to send Invites to the Inbox.

Thanks modzzz. I'm going to check it out.

By any chance, would you have any suggestions regarding my other issue with spam in the blog module? Would placing a Captcha be the best solution? 

Thanks again,

The captcha might work if spam bots are accessing the blog module and posting blog posts.  If humans are doing this the captcha won't stop it.  Are you allowing guests to post blog posts?

Thanks for your response geek_girl.

No, I don't allow guest to post. Only members can post. I do allow auto confirmation when registering, but that's it. 

I haven't even launched my site yet and this has been a fairly persistent issue. 

The problem might be from spam accounts.  Have you checked the membership list for possible spam accounts?  If only members can post, then it has to members posting.  I get spam signups at times and they often post spam blog posts.  The other area they like to hit is the forum.

geek_girl,

Yes, I do. Whenever I see the spam posts, I go to the "members" in admin panel>> delete spam.

I continuously get these spam members doing the same thing month after month. And a good bit of the time they come in pairs. Its just annoying and I was hoping I could prevent it some way or decrease the occurence.

Thanks for the heads up about the forum being a target. I haven't had anything there yet, but I'll be ready.  

What you need to do is to put some antispam blockers in place to prevent the spam accounts.  I would suggest that you turn on the confirmation email requirement as a first step.

A couple of modules I know about from the market; have not used them, just know of them is:

http://www.boonex.com/m/bot-stopper-automatic-spam-fighter

http://www.boonex.com/m/dolphin-anti-spam

geek_girl,

Thanks for suggesting those modules. I'll check them out.

I set the auto-confirmation so that I didn't need to manually approve every new user, but it may be worth revisiting. 

Thanks again. 

I have auto activate turned on, so I don't have to manually activate the accounts, and email confirmation required.  With the email confirmation, users are required to verify their email accounts.  Some spam accounts will confirmed their emails.  I also use the free module from the market that blocks unconfirmed members from being able to access the site.  Some spam accounts will be created by humans and they will confirm their emails, so at times I do have to delete spam accounts.

http://www.boonex.com/m/block-unconfirmed-members

geek_girl,

I understand. I also have the email confirmation requirement, but the spammers are confirming their registered emails accordingly. Usually 20-60mins after registering. I wasn't sure if it was humans or super sophisticated bots or something.

Thanks for the free mod suggestion. I will definitely check that out as well.

I'm guessing there's measures that can help and lessen the occurrence by making it tougher for spammers to gain access, but no complete, 99.99% prevention. Is this fair to say? I'll always have to be active in removing spammers to some degree, pretty much it seems. 

use a credit card confirmation (you can use an API from authNet to verify CC's without actually charging) or charge a small fee like $1 to join your site. That will stop more spammers.

ProfessorSr,

Thanks for your response and suggestions. I think that would be highly effective.

The CC verification could come in handy for other needs as well. 

Thanks again!

You might want some other way of allowing members to verified as well.  People have gotten very skittish about their CC info given the recent credit card issues at places like Target.

Very true GG. The good thing about using the AuthNet API for verifying CCs is that none of the info is stored ANYWHERE. So no place for someone to hack, except the actual transmission between the website (on the clients machine) and the webserver, so that should probably be through SSL.

I would add a very clear notice that you do not store their credit card information and do not see their credit information.  I tell this to my members when they use their CC for buying memberships.

 Are these spammers mostly from one or a couple domains?

If so, Deanos spam tool allows for blacklisting certain domains, phrases [edit] and bots.

The bot stop from Denre keeps bots out, not live spammers, but will allow the input of phrases as well.

Thanks geek_girl and ProfessorSr for all the valuable insight and suggestions.

Really appreciate it!

 Thanks for the response newton.

They're coming from various locations. Typically have gmail or hotmail accounts with strange alphanumeric names. I can almost guess its a potential spammer just from the email account registered. 

I will check out the tools you suggested. They sound like they can be of some help. Thanks.