Announcing The Ultimate Anti-Splog Plugin And An “Akismet” Like Service For Splogs
This is the plugin every WordPress MU or Buddypress admin has been waiting for! Announcing Anti-Splog, the ultimate plugin and service to stop and kill splogs in WPMU.
This plugin goes way beyond any existing splog plugin for WPMU because at it’s core is the new Anti-Splog API service hosted at WPMU Dev Premium. This means that Anti-Splog not only prevents/limits bots, it also identifies human and existing spammers automatically and with great efficiency.
Four Layers of Protection
Anti-Splog works with four layers of protection to provide the ultimate in splog killing power. Up front we have 5 methods to choose from that can limit or stop those evil automated bots that are flooding your WPMU site with splogs. These can be fairly effective, but with our experience on sites like edublogs, a large number of splogs are manually created. While every other splog prevention plugin stops here and leaves your site unprotected, ours goes 200% further.
If the splogger makes it past the initial roadblocks the plugin sends all their signup information to our API server, and we decide if it’s suspicious enough to mark the blog as spam right off the bat. The beauty of our Anti-Splog API service is that we crowdsource data from tens of thousands of splogs from edublogs and other Anti-Splog users. If anyone else has run into that splogger or spam post you don’t have to worry about it on your site.
Sometimes our Anti-Splog service may not have enough information to mark a blog as spam right at signup. But not to worry, that’s when Anti-Splog pulls out it’s most potent (and amazing) weapon: Post monitoring. The second a splogger writes a spam post, no matter how cleverly disguised, our API service analyzes it and boom, that splog is shutdown. It’s hard to describe the utter satisfaction we are getting watching splogs killed live before our eyes every few minutes at Edublogs. Evil sploggers have finally met their match with Anti-Splog!
And if all that wasn’t enough, we include an incredibly well thought out moderation queue for blogs. When our API service returns a suspicious score that’s not high enough to auto spam, they get sent to the “Suspected Blogs” queue instead. From there you can monitor suspicious blogs until you know whether they are spam or not. When you are sure just mark them as spam or ignore them to remove them from the queue. Our API service will learn from every action you take, becoming more and more accurate.
- Signup prevention – these measures are mainly to stop bots. User friendly error messages are shown to users if any of these prevent signup. They are all optional and include:
- Limiting the number of signups per IP per 24 hours (this can slow down human spammers too if the site clientele supports it. Probably not edublogs though as it caters to schools which may need to make a large number of blogs from one IP)
- Changing the signup page location every 24 hours – this is one of the most effective yet still user-friendly methods to stop bots dead.
- Human tests – answering user defined questions, picking the cat pics, or reCAPTCHA.
- The API – when signup is complete (email activated) and blog is first created, or when a user publishes a new post it will send all kinds of blog and signup info to our premium server where we will rate it based on our secret ever-tweaking logic. Our API will then return a splog Certainty number (0%-100%). If that number is greater than the sensitivity preference you set in the settings (80% default) then the blog gets spammed. Since the blog was actually created, it will show up in the site admin still (as spammed) so you can unspam later if there was a mistake (and our API will learn from that).
The Moderation Queue – for existing blogs or blogs that get past other filters, the queue provides an ongoing way to monitor blogs and spam or flag them as valid (ignore) them more easily as they are updated with new posts. Also if a user tries to visit a blog that has been spammed, it will now show a user-friendly message and form to contact the admin for review if they think it was valid. The email contains links to be able to easily unspam or bring up the last posts. The entire queue is AJAX based so you can moderate blogs with incredible speed, not having to wait for the page to reload on every action. Click an action link (like spam) and it flashes and instantly disappears!
- Suspected Blogs – this list pulls in any blogs that the plugin thinks may be splogs. It pulls in blogs that have a greater that 0% certainty as previously returned by our api, and those that contain at least 1 keyword in recent posts from the keyword list you define. The list attempts to bring the most suspected blogs to the top, ordered by # of keyword matches, then % splog certainty (as returned by the API), then finally by last updated. The list has a bunch of improvements for moderation, including last user name, last user IP, links to search for or Spam any user and their blogs or blogs tied to an IP (incredibly powerful, be careful with that one!), ability to Ignore (dismiss) valid blogs from the queue, and view a list of recent posts and instant previews of their content or the entire blog without leaving the page (the most time saving feature of all!)
Recent Splogs – this is simply a list of all blogs that have been spammed on the site ever, in order of the time they were spammed. The idea here is that if you make a mistake you can come back here to undo. Also if a user complains that a valid blog was spammed, a review link will be sent to your email so you can quickly pull it up here and see previews of the latest posts or entire blog to confirm (normally you wouldn’t be able to see blog content at all for spammed blogs).
- Ignored Blogs – If a valid blog shows up in the suspect list, simply mark it as ignored to get it out of there. It will then show in the ignored list just in case you need to undo.
Here is a flowchart to trace the functionality of Anti-Splog:
Anti-Splog is Buddypress compatible with the exception of auto-renaming wp-signup.php. Note that it does not yet protect against spam users or their entries in status updates, forums, activity streams, etc.
We have been testing and tweaking this plugin on Edublogs.org for two months, and it’s helped us kill more than 20,000 splogs already! Time to clean up your WPMU site and make some sploggers really mad!
You can get your API key here. Note you must be a current WPMU Dev Premium member to access our Anti-Splog API, though the time you will save with this plugin is well worth the cost of membership!