As I wrote some time ago, we protect our blog with Akismet against spam.
For those who don’t follow Ryan Bates’ Railscasts (I really suggest to do so) I want to introduce Akismetor. It’s a small library that simplifies the use of Akismet. I really recommend watching this free screencast about how it works or alternatively you can read the Akismator README.
Spam is more and more a problem for many sites. And there are many approaches to fight spam. One is Akismet.
Akismet is a collaborative effort to make spam a non-issue. While there are Akismet plugins for Typo, WordPress, etc. you have to do some work to use it in your own application.
In this article I will demonstrate how to use Akismet in your own
Rails application to protect it against spammers. As example I will use comments, e.g in a weblog.
I’m assuming you already have your blog up and running, and want to add spam protection with Akismet.
Akismet is free for personal use. But for using it, you have to get a key. Either a commercial or a personal one.
So go to http://akismet.com/ and get one.
For the personal one you will get redirected to the WordPress signup. If you just
want the key for your application, choose the option Just a username, please..
After submitting the form, you’ll get an activation email. Click on the link in the email
to verify your email address. Then you will get another email, which contains your
user data and your Akismet key labeled with API Key:.
David Czarnecki has written a Ruby interface that you can use in your application to easily access the Akismet API.
Download the akismet.rb file from here:
http://soakedandsoaped.com/files/akismet.rb
and put it in the lib directory from your Rails application.
The filename has to be akismet.rb. (case sensitive!)
In your controller write a little helper function that checks comments for spam.
This could look like this:
1 2 protected 3 4 def check_comment_for_spam(author, text) 5 @akismet = Akismet.new('< your Akismet key here>', '<your blog url here>') # blog url: e.g. http://sas.sparklingstudios.com 6 7 # return true when API key isn't valid, YOUR FAULT!! 8 return true unless @akismet.verifyAPIKey 9 10 # will return false, when everthing is ok and true when Akismet thinks the comment is spam. 11 return @akismet.commentCheck( 12 request.remote_ip, # remote IP 13 request.user_agent, # user agent 14 request.env['HTTP_REFERER'], # http referer 15 '', # permalink 16 'comment', # comment type 17 author, # author name 18 '', # author email 19 '', # author url 20 text, # comment text 21 {}) # other 22 end
Your create method could look like this:
1 2 def create 3 @comment = Comment.new(params[:comment]) 4 unless check_comment_for_spam(@comment.author, @comment.comment_text) 5 if @comment.save 6 flash[:notice] = 'Comment was successfully created.' 7 redirect_to :action => 'list' 8 else 9 render :action => 'new' 10 end 11 else 12 # Spam detected! Do something with the spammer. 13 flash[:notice] = 'Go away!' 14 render :action => 'new' 15 end 16 end
You can test your spam protection by trying to create a comment with author set to viagra-test-123
Akismet should always say that this is spam.
You’re done! Akismet is now watching at your comments and blocks spammers!
Note that you can submit spam also! Use the submitSpam function of the API.
Minimalexperimental, a platform for online and offline design exhibitions—Great stuff!
webstock conference —
We were there!
