Comment spam on my blog has increased immensely over the last four to six weeks. I'm getting, on average, 150 spam comments per week. In order to help combat the scum of the earth I have implemented both Akismet and Project Honeypot by way of activating these two features in CFFormProtect (which ships with BlogCFC).

Continue Reading

Aaron West's Gravatar
About this post:

This entry was posted by Aaron West on June 29, 2009 at 1:30 PM. It was filed in the following categories: ColdFusion, BlogCFC, Site News. It has been viewed 23008 times and has 9 comments.

9 Responses to Adding Akismet and Project Honeypot to BlogCFC

  1. If any of your readers are using CFFormProtect for a business site, it should be noted that you can't use Akismet for free for business purposes. You have to buy a license key (or whatever mechanism Akismet uses). I believe Project Honey Pot is free for business use as well as personal.

    I'm curious why you decided to leave captcha on...in my experience a form without captcha (but otherwise protected as yours is) doesn't get spammed (or very rarely, that is).

  2. Thanks for the note about business users Jacob. I'm leaving Captcha on temporarily just to see how it works in tandem with Akismet and Project Honeypot. I'd love to turn it off but I want to make sure all the comment spam gets stopped first. Which leads me to a question for you.

    Is there any way I can turn on cfformprotect logging and direct the log file to a specific location on my site? I don't have access to the JRun logs directory or CF logs directory since my blog is still (for the next week) hosted on a shared platform. I'd like to review the log file so I can see if everything is working. Without access to the log file and not being able to get e-mail notifications set up I'm simply guessing if Akismet and Project Honeypot are working.

  3. In my experience, once you have Akismet enabled you can disable all of the other spam protection mechanisms of CFFormProtect. The other client-side spam protection features may be helpful if you are not using Akismet, but they can be easily defeated and add a lot of unnecessary and obtrusive code to your pages. I have not used Project Honey Pot, but it looks interesting, and given it is a service much like Akismet it is probably worth enabling as well.

    Also, I'm not running the latest BlogCFC with CFFormProtect, but Aaron does bring up a good point. While it is a huge step forward, it doesn't seem to be as well integrated into BlogCFC as it could be. For example, it seems to block what it thinks is spam outright, not giving the blog author the ability to moderate and mark as ham if appropriate. It also doesn't seem to allow you to report spam/ham back to Akismet. (Note: I didn't do a detailed review of the integration, so I may have missed something. Also, integration may have been improved in more recent versions of BlogCFC.)

    All in all though I'm very glad there is at least someway for BogCFC users to easily enable Akismet in BlogCFC.

  4. @Aaron,

    I'm not sure how to help you with the log file location...that code was actually written by someone else, so I'm not sure what you'd change (I haven't looked at the code recently). I'd suggest testing the logging code in a separate test page to see if you can get the location nailed down. And I'm not sure why the email code doesn't work for you...all I can say is that it works for me on my server. <shrug>


    I have seen a rare case where a spam comment was passed through Akismet, but the client side checks still stopped it. Your mileage may vary. :)

  5. @Jake - How did you report the spam to Akismet in that case? Does CFFormProtect allow for that?

  6. @Jake - The Akismet FAQ also states: "We ask that you turn off all other spam plugins as they may reduce the effectiveness of Akismet."

    While certainly not required, I think it is fair to contribute back to the project by submitting spam/ham if you are using it for free...

  7. @Nathan,

    Yes, CFFormProtect has a function for reporting missed spam back to Akismet (as well as false positives). I can't remember all the details off the top of my head, but they are in the docs.

  8. @Jake - Awesome, good to know.

  9. Thanks Aaron - this helped a ton.