Small Business Services

I guess it was only a matter of time before it happened: my site was plastered with about four hundred spam messages for various male-enhancement pharmaceuticals. If anyone saw that before I did, I assure you, I'm no drug pusher.

As annoying as it was, it did cause me to take a look at what spam-fighting options are available for Drupal, the software that runs this site. My goal was to keep anonymous posting available, yet make it more difficult for spambots to flood the comment pages. As it turns out, there is a freely-available system called CAPTCHA, which internet-savvy types like yourselves have undoubtedly seen before. CAPTCHA helps to ensure that the user is human by asking some questions that are difficult for computers to understand and answer, but easy for humans to do so.

After installing the Drupal CAPTCHA module, I now have a very configurable user verification system. I can specify on which of the site's forms I'd like to challenge users, and whether I want to only force a user to prove themselves once, or every time they submit a form. Being the forgiving soul that I am, I've started with the most lenient settings possible that I think will fool spambots, and will adjust from there based on how often the comment sections get spammed.

The CAPTCHA module for Drupal allows for challenges in two different forms: math problems and codes that must be copied from images. The math problems are the simplest. Users are prompted with a question like "8 + 2 = ", and they must fill in the blank. The trick here is that it takes a human to draw the inference that the answer must be filled in in order for the action to complete.

The other challenge is what you're probably more familiar with: the garbled text in a picture that you must successfully copy into a text box. I'm trying to stay away from these because, more often than not, they wind up being unintelligible to humans as well as machines, which doesn't serve my purpose very well. If it turns out that the spammers are smart enough to do math, we may have to turn these on in the long run anyway.

All of this was easily set up in less than 15 minutes, from the time I started searching to the time I had it turned on for my site. If I had to develop this myself, it would have taken days or weeks, and I may have simply opted to put up with the spammers.

Therein lies the power of open source for small business. All those things you'd have to do yourself are already done for you by someone somewhere, and it's freely available. It might take a little modification, but that represents significantly less time than developing and debugging from scratch. In the end, you've got a functional, full-featured platform that's customizable, but that took very little development effort to get off the ground and maintain -- all thanks to Free and Open Source software communities.