How to install / activate spam protection?

Topics: Administration, Core
Nov 29, 2013 at 1:07 PM
Im running Orchard 1.7.2 and have recently found I am getting 100s of spam posts on my comments area of my blog. I see that 1.7.2 has an antispam module but I can't seem to get it working.
Can anyone point me in the right direction for instructions on how to enable spam protection on comments.

Nov 29, 2013 at 7:09 PM
After enabling the module attach on of the new antispam parts to the Comment content type. JavaScriptAntispamPart won't need any configuration while ReCaptchaPart needs something to be configured under the site settings. Furthermore there is spam filtering with spam text detection, you can use SpamFilterPart for that and one of the bulit-in spam detection services (Akismet or TypePad) and those need configuration under site settings too.

Long story short: if you want to start simple, just use JavaScriptAntispamPart and if it's enough take a look at the more serious solutions.
Dec 2, 2013 at 9:25 AM
Thanks! I will do that and see how it goes.
Dec 2, 2013 at 11:07 AM
Has anyone had any luck getting the akismet spam filter working?

I enabled the anti-spam module and the akismet filter and attached the spam filter part to the comment content type.

In the configuration for this part on the content type I then added tokens for each of the comment fields (author, author url, etc) but I've noticed (when debugging) that none of these tokens are being interpreted...

For example, in the Author field I have:


And in the Comment content field I have :


...but with a breakpoint in the DefaultSpamService.CreateCommentCheckContext() method after the call to create a new CommentCheckContext I notice that the values for context.CommentAuthor and context.CommentContent are empty. If I hard code values in the above fields instead of tokens, then the hardcoded values are set correctly in the context.

It seems to be a problem with the tokeniser and comment tokens...or am I missing something?
Dec 2, 2013 at 11:39 AM
Further to this, upon inspecting the content item that is passed into the DefaultSpamService, although it has the comment and spam filter parts, at the time that the spam check is performed, the comment part is not yet populated.

This lead me to check the order in which the editor methods are being called on each part driver, and it appears that in my case the SpamFilterPartDriver is being evaluated before the CommentPartDriver. This explains why the comment tokens are not populated at the time that the spam service runs.

So I guess here we need to look at somehow controlling the order that the drivers are executed (ie. ensure the commentpartdriver.editor() call is executed prior to the spamfilterpartdriver.editor())....or... I suspect the better approach might be to move the spam check out of the spamfilterpartdriver into the handler in the on creating event?
Dec 23, 2013 at 11:15 PM
I'm running into the same issue.

Debugging a Comment submission with the Anti-spam module enabled, the submission always fails on Line 80 of DefaultSpamService.cs
if (string.IsNullOrWhiteSpace(context.CommentContent)) {
       return SpamStatus.Ham;
context.CommentContent is always empty.

I've configured the Spam Filter part on the comments content type with the following tokens,

Author - {Content.CommentAuthor}
Author's email - {Content.CommentAuthorEmail}
Author's url - {Content.CommentAuthorUrl}
Comment content - {Content.CommentMessage}

however the corresponding values in context are always empty.

Any ideas? I've recently updated from 1.5 to 1.7
Dec 24, 2013 at 2:10 AM
I've raised an issue for this and implemented a solution. I'll get a pull request put through as soon as I can.

Here's the issue:
Dec 24, 2013 at 3:38 AM
Dec 24, 2013 at 8:04 AM
Thanks for posting that - I've implemented it this morning and all appears to be working - which hopefully means I won't have to battle spam over the holidays.

Out of interest - any idea on what the token is for the Permalink entry?
Dec 24, 2013 at 1:36 PM
Not sure to be honest. I've left this one blank in my spam filter configuration.

Maybe {Content.DisplayUrl} would work? ...although I wouldn't expect it to, since the token is being evaluated in the context of the Comment, not the content that the comment is being added to. Maybe there's someway to drill down into the {Content.CommentedOn} token?