Antispam Tips
Are you getting traffic from search engines for something that a referer spammer faked into your stats page? Would you like to keep your referer data and stats page visible to visitors but stop the undesirable traffic? If so this is the place for you.
Referrer spammers use a couple of methods to find you, and a big one is using the search engines. They look for "top referrer" and "recent referrer" and "disp=stats" knowing that if you have those then you are a b2evolution user and that they can spam you. The solution is four parts, the first two of which are normal everyday b2evolution stuff.
Tips to avoid comment and referrer spam
First always keep your antispam table up to date.
b2evo comes with a blacklist. Update that frequently. (This is found in System > Antispam > Blacklist).
In your back office click the Antispam tab then click Request abuse update from centralized blacklist. Your antispam table will be compared to the community-based version then updated. You will see some things that are added and some that are already handled, then it will tell you it’s done. If this is your first time getting the update you should do it again and again until the update doesn’t have any new sites to add (or identify as already handled) so that you get ALL the available updates.
Change the directory/folder name for your trackback and comments
Change it from htsrv to any other valid directory/folder name. Then edit conf/_advanced.php
to reflect the change. Change the following line of code:
$htsrv_subdir = 'htsrv';
This prevents bots that automatically attempt to submit comments and trackbacks using b2evolution’s default htsrv installation.
For more instructions and updates, see the forum thread Whoo’s antispam techniques in one simple thread.
Keep in mind that spammers are constantly altering their methods. A technique for avoiding spam one day may be ineffective in the future. b2evolution is committed to making your blogging experience as spam-free as possible.
Clearing spam from your referrer logs
- In the backoffice, click on the Analytics tab.
- Click on the Referring domains tab.
- Scroll to the bottom and look at the ‘’Top referers'’ section
- If you see undesirable sites, click the ‘’ban'’ symbol next to their name.
- You will be taken to the antispam section. Your hit logs and comments will be searched for the undesirable domain names, and if found they will be listed for you.
- You will then have up to 4 checkboxes for you to (1) delete the hits (if there were any), (2) delete the comments (if there were any), (3) ban the domain locally, and (4) report the domain to the central blacklist.
- Do it. Click Perform selected operations to delete them, ban them, and report them.
Stop search engines from sending you traffic you don’t want
Now that you’ve cleaned up your referer data and stats page the next thing to do is to stop the search engines from sending you traffic you don’t want. The problem is you can’t really do that as long as they have your page indexed. The solution is to control what they index, and this involves editing your _main.php file in your default skin. Open skins/skinname/_main.php in your favorite editor and look for
<meta name="keywords" content="<?php $Blog->disp( 'keywords', 'htmlattr' ); ?>" />
<meta name="generator" content="b2evolution <?php echo $b2_version ?>" /> <!-- Please leave this for stats -->
<link rel="alternate" type="text/xml" title="RDF" href="<?php $Blog->disp( 'rdf_url', 'raw' ) ?>" />
<link rel="alternate" type="text/xml" title="RSS .92" href="<?php $Blog->disp( 'rss_url', 'raw' ) ?>" />
Now you add a "robots noindex nofollow" tag for the stats page by adding a conditional statement about $disp:
The same time we’ll also put in a noindex, nofollow on all pages that are not just the articles itself.
<meta name="keywords" content="<?php $Blog->disp( 'keywords', 'htmlattr' ); ?>" />
<meta name="generator" content="b2evolution <?php echo $b2_version ?>" /> <!-- Please leave this for stats -->
<?php if( $disp == 'stats' )
{ // stop search engines from indexing the stats page
echo '<meta name="robots" content="noindex, nofollow" />'."\n";
} ?>
<meta name="robots" content="
<?php if( ( $disp!='posts' && $disp!='single' ) ||
( $disp=='posts' && ( $paged>1 || $cat!='' || $m!=0 || ( is_array( $catsel ) && count( $catsel )>0 ) || $w>=0 || $s!='' ) ) )
echo( 'no' ); ?>index,follow"/>
<link rel="alternate" type="text/xml" title="RDF" href="<?php $Blog->disp( 'rdf_url', 'raw' ) ?>" />
<link rel="alternate" type="text/xml" title="RSS .92" href="<?php $Blog->disp( 'rss_url', 'raw' ) ?>" />
It will take a while for this to help because you have to wait for the search engines to index your blog again. In the mean time keep your antispam table up to date by getting the updates, and keep your stats clean by checking your stats page for suspicious activity. A domain name that suddenly shows up in the top of your Top referers section is suspicious!
Anti-spam Plugins
* Coming soon….
Historical
Porn sites have found a way to fool blogtools into thinking sites are being referred by them. b2evolution has a built in way to handle this. In versions prior to 0.8.7-beta, you can fix this by adding them to the $block_urls
array in the /conf/_antispam.php
file. In 0.8.7-beta and later releases, you can click the http://b2evolution.net/admin/img/noicon.gif icon by the spam referer or spam comment to ban the listed domain. You can also ban any keyword directly in the Antispam in the The Back Office. This will ban referrers from domains containing those keywords, and comments with links containing those keywords.
By the way, spammers aren’t always porn sites. A spammer is someone who fakes referer data to get on your referer list. If you see a suspected spammer you might want to visit the site to make sure before reporting them. Sometimes I do, but only if the name isn’t obviously unrelated to the things I blog about.
NOTE: The offending sites have been blocked in the Central Antispam Blacklist, so all you have to do to be protected is Adding a Blacklist Entry from the central ban list, by clicking the link in the Antispam tab of your back-office. By updating your Local Blacklist from the central list, or Adding a Blacklist Entry to the central list, you agree to the Terms of Service.