phpFox Corporate & Development Updates

SPAM has been a hot topic within our community and we wanted to inform the community on how we plan to combat spam with phpFox2.

There are several ways on how we planned on combating spam. First, we need to control content being added to the site; which could be text data from blog entries, bulletin posts to private messages. Such data contains a lot of characters and can be subject to an abundance of spam. In order to control this information before the data is entered into the database we will parse the data to check if we believe the text contains strings of what would be considered spam. To backup our efforts we will be creating a plug-in for Akismet, which will help us combat spam by processing the string and return a yes or no if they believe the string contains spam. Once a string of data is considered spam by us and Akismet we have come up with a system to monitor users that are spamming.

A good user that does not spam will start with the count “0″. If they spam an item the count increments. Currently we have worked out a one time warning before an automated ban for the user for spamming. The warning will be when their spam count reaches 5 (where 5 is controlled by a setting within the AdminCP and can be changed) we warn them and when adding items in the future they will be asked to enter a Captcha challenge. Since they have surpassed the count of 5, which is the number of times a user can spam before they are warned any data they add to the site will be considered spam. Admins can view these items within the AdminCP and moderate if they believe the item is spam or not. If the Admin deems that the item is not spam we decrement the users spam count, approve the item for public viewing and pass the information along to Akismet to look over the data so it will not be considered as spam in the future. A user can return back to a “good” user if their items are approved since we will decrement their personal spam count and once they are under the limit (5 in this case) they will not have to do a Captcha challenge or have their items moderated.

If a user continues to spam and they reach a personal spam count of 10 (where 10 is a setting that can be controlled from the AdminCP) we auto ban the user and log all their IP activity in order to prevent them from signing up in the future.

The method we have gone over to help stop spam can all be controlled from your AdminCP and can be disabled entirely. Benefits of using Akismet with our product is since Akismet parses data on their own server your site will always be up-to-date with the latest techniques on combating spam.

The spam count system we have come up with will also work in other areas:

• Disallowing URL’s in titles for items (eg. blog title, thread title, bulletin title etc…).
• Disallowing URL’s in full names.
• Disallowing URL’s on the site entirely or prompt the user to pass a Captcha challenge if adding external links.
• Disallowing URL’s in the users status.
• Replacing all external links on the site with script redirection, which will warn the user before they leave the site and store the URL’s in a spam table so Admins can monitor external links.

The spam count system and Akismet plug-in development will start once we reach RC1 and will be fully completed by RC4. During the RC releases we will release updates so tests can be done in preparation for the stable release.

If you have any questions or suggestions just let us know.