Marketing Eric

vBulletin is probably the best commercial solution for starting a forum available today because it offers a wide variety of features, an excellent administration panel and a variety of both free and commercial plugins and “products”. I have been using vBulletin’s software for the Pligg Forums for nearly two and a half years and through that time I have had to deal with a lot of spam, especially in the past few months. At first it was a rare enough problem that I was able to maintain the spam by manually removing a thread here and there once a week. Through a vigorous program of spam bot registration prevention and keyword monitoring from new users posts I have been able to keep most spam off the general forums, but it’s taken a lot of plugins and continuous work to do so.

The first tip that I have is that you should turn on email confirmation for new user registrations. This in combination with the captcha system will stop most bots at the gates before they even have a chance to post anything on your forum. Unfortunately some servers and users will have issues with sending and receiving emails, so email verification isn’t always the answer.

The next step is to prevent users who use “one time” email accounts. These types of email accounts are set up to prevent users from receiving spam email from suspicious websites, but they can also be used by spammers and just plain lazy no-good users. I prefer that users give me a legitimate email address when signing up, not one of these spam prevention email services. Users who bring quality content to your site should at least be willing to offer a valid email address. Spammers can also abuse these free short term email services so I decided recently to ban the use of many “short term” email domains for all future registrations. You can do this easily by navigating to your vBulletin administraton panel, click on “vBulletin Options”, then select from the drop down menu “User Banning Options”. The second field should be for inserting “Banned Email Addresses”, here you can just copy and paste my domain blacklist below.

Banned Email Domains:

The “Restrict usernames to alphanumeric and underscore” plugin for vBulletin lets you have better control over username character options. I suggest not allowing spaces in usernames (vBulletin default) and I haven’t seen any spammers using underscores thus far so I have left that option on for now. I believe that I installed this product originally to make the usernames compatible with Mediawiki integration.

This is the latest an probably the most difficult spam problem that I have had to deal with. It’s a rather clever trick that spammers came up with to improve their site’s search engine performance and get better search traffic. Spammers sign up for dozens of accounts using keywords like “Buy DrugX Here”, where DrugX is replaced with a variety of prescription drug names. They then place as many links as they can fit in their user signature directing to their sites. The reason that spammers have been using this method is because my site is seen as reputable through the eyes of Google, so placing text on my site for the traditionally disreputable pharmaceutical drug websites gives more credibility and they often appear high up on search results because of my vBulletin SEO methods (Thanks to vBSEO).

What’s so tricky about this problem is that there’s really no way to easily see when a user is doing this, unlike traditional thread or post spam that appears on the general forum where users will often flag it. The only way to check for this type of spam is to go through each days user registration log looking for suspicious names. I have about a hundred signups each day, and it would be a waste of my time to check each name and signature for this type of abuse so I had to find a better method. The two methods for fighting this type of spam is banning certain words from usernames and stopping new accounts from being able to place links or even text in their signatures.

Similar to the above topic of email spam, a blacklist is probably the best option for preventing username abuse. Under the vBulletin Options >> User Registration Options, you will have an “Illegal Usernames” input box. There you can list a space separated list of usernames you don’t want to allow. A new user will be denied any variation of a username with one of those words.

To prevent signature spam from non-active users there are two options. The first method is built into vBulletin, just create a new usergroup for users with 0-however many posts and don’t give that usergroup permission to have a signature. The downside to this method is that it isn’t retroactive and past users will keep their existing signatures. The second option comes in the form of a simple vBulletin product SM Limit Editing Signature Before X Posts product (pictured above). It stops anyone with fewer than X threads from creating a signature. The vBSEO Conditional Signatures product allows you to set more precise settings to prevent signature spam abuse in your threads along with other useful features.

Spambuster is a plugin that checks all new threads and compares the content to a list of keywords that are marked as spam-like. Each keyword is given a number to rank how spammy it might be and if the total number of keywords tallies high enough the post is held for moderation and moderators are alerted to it. This is probably the most advanced and useful plugin for vBulletin spam prevention and it has been extremely helpful in stopping spam appear on my forums.

One of the downsides to Spambuster is that it doesn’t come with the best list, but it offers a good starting point. You will want to modify the list so that it doesn’t flag common items and add a few words yourself. To help you out I am offering my modified Spambuster Keyword Definitions. I suggest using this list and setting your spam trigger level to 10 and the Post count threshold to 5.

Even though Pagerank Sculpting/Pagerank Leak are debated concepts among SEO professionals, I find it useful to use nofollow formatted links for less important links among my sites. Forums and blog comments are abused just to get search engine traffic, so I will often use plugins or design elements to automatically parse urls with a nofollow attribute to prevent search engines from following the links off my site. To do this automatically with vBulletin, it just takes the NuHIT URLs plugin. This plugin can also be set to open external urls in a new window. An intro guide to the theory of Linkjuice is covered through this video entry on SEOmoz.

I imagine with all of these tools, spammers will have a difficult time taking advantage of your site. It may not be necessary to run all of these plugins, but I have learned from experience that it’s better to not give a spammer a fighting chance or else they will exploit every hole possible.

If you know if any other useful vBulletin tricks, tips or products that I might have forgotten please leave a comment. I’d be glad to learn about some other great tricks for stopping spam before it starts.

One final bonus trick is probably something that you should do sooner rather than later. This tip will save you from a lot of the above problems because it will stop search engines from indexing member profiles which makes spamming your profile pages useless for spammers. Open up Notepad and copy/paste the code below and then save it to a file robots.txt, then upload that file to your forum root. This file will remove several vBulletin tools that Google doesn’t need to index and should ignore when it crawls your site. Most important are the members.php and /members/ lines which tell Google to ignore the member profiles. The other lines are optional with the exception of the first.

My Robots.txt File: