Spam @ Elgg Sites

How do we handle spam users/content on Elgg-based web sites?

  • Save all the evidence of what those spammers are doing, writing, IP#s, email patterns, etc -> if you send me those - I can study for patterns to determine how to block such attacks...

  • @Brett ok now what Disinformation are you making accusations about?? I did nothing but support Elgg in everything I ever did to include Press Releases.

    This Spam Topic is a serious problem you want to know why?? Because I had to start over a site with another database because somehow it got corrupted. Not only that there were over 5,000 spam accounts and the only way I could stop or slow whoever it was down was to disable the registration. Now is that now how you also have this site running is having people like I did months ago sign in with Facebook or Google Friends or even Twitter.

    What I was saying up above is there should be a plugin that will make any or all links that are posted with Rel=NoFollow. Facebook does it so does Twitter and Digg and even more. So how can such a thing be created and if no plugin then how can a person like me who does not know how to do such a thing make links with the NoFollow tag. You and I both know how the attacks happen there is some type of program out there that finds sites that have the DoFollow tag. If this was changed to NoFollow then guess what why would anyone who spams would ever want to waste their time on those types of sites?

    This is where the flaw is ok and do not make me appear on here as being ignorant or anything else. This could be a simple fix that cut down a huge amount of spam.

  • "Spam in blogs (also called simply blog spam or comment spam (Note that blogspam has another, more common meaning, namely the post of a blogger who creates no-value-added posts to submit them to other sites.) is a form of spamdexing. It is done by automatically posting random comments or promoting commercial services to blogs, wikis, guestbooks, or other publicly accessible online discussion boards."

    Any web application that accepts and displays hyperlinks submitted by visitors may be a target.

    Adding links that point to the spammer's web site artificially increases the site's search engine ranking. An increased ranking often results in the spammer's commercial site being listed ahead of other sites for certain searches, increasing the number of potential visitors and paying customers.

    Spammers also post their URLs - in hopes of earning affiliate marketing commissions or otherwise profiting at the expense of our websites.

    Some of the major players in the Spam industry routinely hire whole teams of otherwise unemployed (tech-savvy) programmers, etc from 3rd world countries, pay them maybe $10 per day to scan any and all social, blog and other Forum related websites - to post their excretion -> this fetches the big players mucho Google ratings and $$$'s in their pockets at the expense of our websites and ur hard work.

    The high-tech math and algorithms as those used by the Googles, Yahoos, MIT's.. might be beyond the reach of us mortals. So we need to create our own home-grown A.I. or close-enough while being good enough techniques to detect, combat, cure and pre-empt breeds of spam.

    PS: There is a misconception going around that Elgg is the only one of the blogging/ social-networking platforms that has exploitable weaknesses and holes while other platforms are better equipped to handle such dangers. This is incorrect and a definite piece of FUD !

    From my experience trouble-shooting for some clients -> Moodle, WordPress, Joomla, Drupal - all have their share of back-doors and weaknesses. Sometimes a cursory study of the apache access and error logs shows the obvious spam/ hack attempts which will try known weaknesses. If anyone wants to see some of this evidence (and of course you are able to understand) - I can (PM) supply snippets of such attacks. ;-)

    My only technique to learn for many years and to try combat spams and hacking has been to read up the usual and known "crackers" blog-sites. Yes - that is the correct term - not 'hackers'. hackers build things, crackers break them.

    As I have said before - you get spammed on your sites' profiles, blogs, pages, etc - do not delete and destroy the evidence immediately -> save all that you can and send to me for study - your reward might be some workable-solution for those attacks, tailored for your site.
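One way to do the access-log study mentioned in the post above, as an added example (not the poster's code): it counts registration POSTs per source IP inside a sliding time window. The log lines are constructed, and the `/action/register` path, the threshold and the window length are assumptions to adapt to your own site.

```php
<?php
// Added example, not from any Elgg plugin. Log lines are constructed; the
// endpoint path, threshold and window are assumptions to adapt to your site.
const LOG_RE = '/^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+)[^"]*" \d{3} \S+/';

// Returns [ip => max registration POSTs seen inside any $windowSec span].
function registration_bursts(array $lines, string $path, int $threshold, int $windowSec): array
{
    $hits = [];                                   // ip => list of unix timestamps
    foreach ($lines as $line) {
        if (!preg_match(LOG_RE, $line, $m)) {
            continue;                             // not common/combined log format
        }
        [, $ip, $when, $method, $uri] = $m;
        $ts = DateTime::createFromFormat('d/M/Y:H:i:s O', $when);
        if ($method === 'POST' && parse_url($uri, PHP_URL_PATH) === $path && $ts !== false) {
            $hits[$ip][] = $ts->getTimestamp();
        }
    }
    $flagged = [];
    foreach ($hits as $ip => $times) {
        sort($times);
        $best = 0;
        for ($i = 0, $j = 0; $j < count($times); $j++) {
            while ($times[$j] - $times[$i] > $windowSec) {
                $i++;                             // slide window start forward
            }
            $best = max($best, $j - $i + 1);
        }
        if ($best >= $threshold) {
            $flagged[$ip] = $best;
        }
    }
    arsort($flagged);                             // busiest sources first
    return $flagged;
}

$log = [   // constructed sample lines (documentation IP ranges)
    '203.0.113.7 - - [12/Mar/2011:10:00:01 +0000] "POST /action/register HTTP/1.1" 302 -',
    '203.0.113.7 - - [12/Mar/2011:10:00:09 +0000] "POST /action/register HTTP/1.1" 302 -',
    '203.0.113.7 - - [12/Mar/2011:10:00:17 +0000] "POST /action/register HTTP/1.1" 302 -',
    '198.51.100.20 - - [12/Mar/2011:10:03:40 +0000] "GET /register HTTP/1.1" 200 5120',
    '198.51.100.20 - - [12/Mar/2011:10:04:55 +0000] "POST /action/register HTTP/1.1" 302 -',
];
foreach (registration_bursts($log, '/action/register', 3, 60) as $ip => $n) {
    echo "$ip: $n registration POSTs within 60s\n";
}
```

Sources that stay under the threshold, such as manually created accounts, are not flagged and still need review by other means.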




  • I've had similar problems on WordPress (created static home page and disabled comments, fixed most of it), Joomla (no fix yet), MediaWiki (protected homepage so NO ONE can edit it), and PLIGG as well as ELGG. I just deleted the whole installation until I can figure out how to prevent these guys from getting in. There is too much to delete it all with just one person.

    I did find a solution on PLIGG that might be a starting point for anyone with some more programming expertise. has an API that checks new registrations against their database of known spammers and prevents anyone in database from registering.  You can report and add new spammers to the database if anyone gets through.  Cut down everyone who was able to post as well as sign up on my PLIGG site. (Still a few new registrations on a site that's not really up and running yet, but I can report them if they do more than just register now.) I'm wondering if the same API can be used to screen new registrations on ELGG?

  • @karen: what do we call it? Mere coincidence? We just released the plugin which uses the API to prevent spammer registration with Elgg :)

    @all: let's put our hands together for the fight against spammers, get the plugin from and keep reporting about the spammers

  • "Help against Spam.."

    Mi amigo Torsten (Westor - ElggMan and SMS PlugIns creator) from Germany has been working with some 5% consulting from me on developing a spam-proof method of allowing registrations to automatically block out spam-bots.

    His code can be seen at his own Elgg web-site where he showcases his professional technical development as a community ->

    So far the observations have been -- spam is reduced ca. 80-90% - the rest are manually generated.

    In parallel with this - I have been approached by some people to code updates to *the Site-Access PlugIn, after doing certain logic corrections for certain clients to make their web-sites safer from spam-bots and spam-humans who must be getting frustrated by now ;-)

    S/A is going thru a requirements-gathering SDLC phase so that we can determine the most wanted features to incorporate. Also I would like to get 'official' blessings from Wade (ShellCode's real name, LOLZ) to do such enhancements, knowing that he has been rather too busy in his new top-notch tech-security job.

    We would be happy with any feedback for both Site-Access enhancements features and Torsten's (Wesolek) vewy kewl 150% AJAX-driven registration code. We are looking at releasing a GPL and a commercial version for Westor's AJAX-driven Registration PlugIn.

    We welcome any feature requests for either version and we will do our best to code these into the PlugIn. Feature requests can be posted here. Any detailed discussions - either one of us may contact you directly via PM.



  • @Dhrup and all: when using the captcha plugin with the antispammer plugin (sorry for the self-recommendation), spam registration on many of the sites I know is reduced to less than 2%.

  • Unfortunately a captcha didn't stop the spam at my site. Spam was reduced for only a few weeks, but it did not work permanently.

    I don't like to give spammers a guidance here to try to circumvent my plugin, but I can say that my approach is to replace the original PHP script for registration with XHR requests. This makes it more difficult for bots to make their requests.

    The other positive effect is that because of using AJAX we have the chance to give feedback before the register button is pressed, e.g. if username is already used, email address is already in use or invalid etc.

    See screenshot:

    [Screenshot: Westors Register]

  • Captcha has been known for weaknesses and has been broken. Even the Visual Captcha used at has been cracked. A description of and some advice for captcha web-site is given here ->

    Captcha and Spammers :=




  • @soldierone and all:

    Our izap-antispam plugin has an option to interpolate rel=nofollow for all external links. Even Elgg bookmark is also following what we have done.

    You can check at to see this.
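The rel=nofollow rewrite requested earlier in the thread and described in the post above, as an added PHP example that is not code from izap-antispam or Elgg; `is_external()`, `add_nofollow()` and the host names are hypothetical. It parses the submitted markup rather than pattern-matching it, keeps any existing `rel` tokens, and leaves same-site links untouched.

```php
<?php
// Added example: not code from izap-antispam or Elgg. Function names, host
// names and the sample post are hypothetical/constructed.
function is_external(string $href, string $siteHost): bool
{
    // Browsers treat "\" like "/" and ignore surrounding whitespace in URLs.
    $parts = parse_url(str_replace('\\', '/', trim($href)));
    if ($parts === false) {
        return true;                  // unparseable URL: fail closed
    }
    if (!isset($parts['host'])) {
        return false;                 // relative link, stays on this site
    }
    $norm = fn(string $h): string => preg_replace('/^www\./', '', strtolower($h));
    return $norm($parts['host']) !== $norm($siteHost);
}

function add_nofollow(string $html, string $siteHost): string
{
    $doc = new DOMDocument();
    $prev = libxml_use_internal_errors(true);    // user markup is often malformed
    // The meta tag makes libxml read the input as UTF-8; the wrapper div lets
    // us serialize only the user's fragment afterwards.
    $doc->loadHTML('<meta http-equiv="Content-Type" content="text/html; charset=utf-8">'
        . '<div>' . $html . '</div>');
    libxml_clear_errors();
    libxml_use_internal_errors($prev);
    foreach ($doc->getElementsByTagName('a') as $a) {
        if (!$a->hasAttribute('href') || !is_external($a->getAttribute('href'), $siteHost)) {
            continue;
        }
        // Keep existing rel tokens (e.g. "noopener") and add nofollow once.
        $rel = preg_split('/\s+/', strtolower($a->getAttribute('rel')), -1, PREG_SPLIT_NO_EMPTY);
        if (!in_array('nofollow', $rel, true)) {
            $rel[] = 'nofollow';
        }
        $a->setAttribute('rel', implode(' ', $rel));
    }
    $out = '';
    foreach ($doc->getElementsByTagName('div')->item(0)->childNodes as $child) {
        $out .= $doc->saveHTML($child);
    }
    return $out;
}

$post = '<p><a href="/blog/1">my post</a>, <a href="http://spam.example/pills">pills</a>'
      . ' and <a rel="noopener" href="//SPAM.example/x">this</a></p>';   // constructed
echo add_nofollow($post, 'community.example'), "\n";
```

The function only adds the `rel` attribute; filtering of dangerous URL schemes or disallowed tags is a separate step and is not covered here.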