Defend your Rails from spam with Akismet

July 24, 2009 - 2 Comments - ruby rails spam tools akismet

When I decided that I would roll code.isdangero.us as a custom-made blog in Rails, I thought of it as a fun, easy project. After all, blogs are simple, and the simplicity allows for plenty of room for attention to detail in making the code as tight as possible, similar to the way a haiku allows a poet to express his skill in language through the power of the simply-stated.

Of course, every project looks easy from a distance, because unforeseen problems are just that: unforeseen. It had been a while since I’d blogged, and therefore I had all but forgotten about the long war of blog software against the endless networks of compromised Windows machines turned into Viagra-pitching zombies, comparable in number to the mighty armies of ancient Persia.

Enter Akismet

Just as the 300 men under the command of King Leonidas of Sparta held back Persia’s onslaught by fighting in the shade, the forces of good in this war have gathered together their disparate forces into a collective known as Akismet.

Akismet is an API which tracks spam and ham submissions from participating blogs all over the world, building its knowledge of what spam looks like versus comments from good-natured, decent folks who aren’t trying to sell the latest antidepressant through your blog. It allows a blog to ask if a comment looks like spam before publishing it. It also allows the owner of that blog to tell Akismet when a comment is marked as spam or ham, thus giving back to Akismet’s intelligence with human analysis.

Integrating Akismet into your Rails app

I used a simple, one-file Ruby library for the base-level HTTP interaction with Akismet’s API. Download it, and then drop it into your lib directory in your Rails project.

You will want to have your comments begin storing the IP address, user agent, and HTTP referrer of the client posting the comment, as well as its “spam” status. This is achieved with a simple migration:

script/generate migration AddSpamInfoToDiscussions ip_address:string user_agent:string referer:string spam:boolean

You will probably want to edit this migration to add a default value to the spam column.

When your controller creates a Discussion record for an incoming comment, you can add this data like so:

Now let’s add a callback to our model which will ask Akismet if the comment looks like spam, and if so, mark it as such before saving it.

Let’s add a couple more methods for marking an existing Discussion as spam or ham:

And corresponding controller actions:

Hook up your routes (you’re RESTful, right?), and that’s it, you’re done! Unless of course you want a nice admin UI for checking comments and marking them as spam or ham, but I will leave that part up to you. All the functionality is in place, so have fun building that beautiful UI.

I hope someone finds this helpful. Fuck off, spammers!

Comments

The Web is collaborative. Isn't it great?

C6c3d4bbf353456dbec83ac6618d6561?s=50

Arya Asemanfar said:

Just kidding!

I ran into a similar problem and decided to just completely discard comments that Akismet thought are spam.

Akismet is pretty cool but when I was signing up, it required me to sign up for wordpress to get an API key, is that still true? I also remember there being an alternative to akismet, forgot the name though.

11611e595f8866809b075a8e718e7600?s=50

Chris Vincent said:

Nice, Arya. Nice.

Yes, you still have to get a Wordpress.com account to get an Akismet API key. This is annoying and they should change it. Other than that, Akismet has worked out extraordinarily well so far. Zero false positives and only the very occasional, rare false negative.

Say Your Peace

Textile is allowed. Be polite. Be rude. I don't really give a fuck.

Your email will be kept safe and will never be publicly displayed.

 

Wha...?

11611e595f8866809b075a8e718e7600

Chris Vincent is a 20-something drummer, producer, and engineer from the Bay Area. This is where he writes whatever the hell he wants whenever the hell he wants to write it. Check your expectations at the home page.

Available for hire!

Looking for a top-notch Rubyist for contract? Check my resumé and drop me a line!

Obligatory tag cloud

me san francisco bicycling ruby tdd css tools iphone games rails facebooker queue facebooker facebook arduino activerecord sql css tools development process company culture spam akismet bluepill god

Recent posts

Feed me

Atom is cool.

Get in touch

Questions, comments, ideas?
Let's talk.

Unabashed self-promotion

Recommend Me