One major problem with websites is the incessant attack of comment and form spamming. This is caused by what’s known as a “SpamBot“. SpamBot’s are annoying “Robots” that crawl websites in search for forms, comments, user logins, and any other exploitable script to add spam to the website or email spam to the website owner. These “Bots” are automated and run and regular intervals.
What are the SpamBot’s activities?
SpamBots major mission is to compromise a website for the purpose of sending spam. Below are some of the most common SpamBot activities.
- Fake Accounts
- Blog Comment Spam
- Contact form submissions
- Email spam from website
- Common PHP file exploits
- Email account Hi-Jacking
How do I prevent SpamBot activity on my website?
Secure your web forms and comments
When a SpamBot files out a form on your website, the form will need validation to make sure all the inputs are correct. The best way to stop a SpamBot is to include a captcha on your Web Forms. This will require the visitor to fill in required information proving that the visitor is a human.
Disable/Secure Logins
To prevent SpamBot’s from repeatedly filling in Fake Users, you can secure the login with a plugin if you use a CMS (Like WordPress) or you can limit the login attempts.
Update your software
SpamBot’s are an increasing bane of web master existence and so many CMS developers are including more SpamBot preventions within their software. If you are sing a CMS, you will want to make sure your version is the most up to date.
Email account Visibility
Hide your email address. Many SpamBot’s find your email address in your website because the email address is in plain text for all to see. Use an image to display your email address if you need the email address on your site. Otherwise, do not have a plain text of your email address on your website.
Review your logs
It is a good idea to review your logs of those who accessed your site. Most CMS programs have a plugin for this. For example, WordPress has the MVIS Security Center plugin that monitors this. You can view your logs and those who accessed your site through Shell (VPS or Dedicated servers only) or cPanel AwStats as well.
Set up a Robots TXT
You can set up your robots.txt to restrict robots from accessing your website. Please see our article on stopping Search Engines from crawling your Website.