Some time back I wrote a blog post very similar to this one. But much time has past and I’ve since encountered a number of implementation problems with it. For example, checking if a username is listed in the Stop Forum Spam database is highly prone to false positives – search my name “Brendan” for example and I’m a spammer and now blocked.
Today I wrote a simpler implementation that checks only the IP address and takes advantage of Stop Forum Spam’s “confidence” assessment. See “Confidence Scoring” on their API usage page. Essentially it creates a likelihood or confidence percentage value based on quantity of listings and recent activity to decide if they’re a spammer or not. Kind of cool and takes the guesswork out of the blacklisting process for webmasters who really don’t have the expertise when contrast against the experience Stop Forum Spam has.
Anyway, as mentioned, much more cut down and only checks the IP address.
function StopForumSpam($ipAddress, $percentageConfidenceIsSpammer = 50)
$spammer = FALSE;
$xmlResult = file_get_contents(“http://www.stopforumspam.com/api?ip=” . urlencode($ipAddress) . “&confidence”);
$xml = new SimpleXMLElement($xmlResult);
if ($xml->appears == “yes”)
if ($xml->confidence >= $percentageConfidenceIsSpammer)
$spammer = TRUE;
With any luck, you’ve put the above function with your other functions, and amongst the code you have checking an activity you will have something like this:
// user’s current ip address
$ipAddress = $_SERVER[‘REMOTE_ADDR’];
// check stopforumspam database
$unsafeSender = StopForumSpam($ipAddress);
// if bad result deny request
if ($unsafeSender == TRUE)
// take action to prevent continuing
// here is a function I call in my own code: Error(“We’re sorry, but our checks suggest you might be a spammer. You won’t be able to contact us at this time.”);
// alternatively you might just like to say die();
// insert your own code here.
Note you can adjust the confidence percentage by passing in an integer as a parameter such as StopForumSpam($ipAddress, 80); – else it will default to 50%.
One other note, this function relies on file_get_contents() being turned on. It can be sometimes disabled in the name of security via the php.ini file.
Hope this helps someone.
- Generic PHP Function Code to Query “Stop Forum Spam” API
- PHP Code Block Vent In Spite of Spammers
- Simple IP Information / IP to Location (Country) Lookup
- Moving From No Control Panel Servers to a cPanel Server
- How to delete ASP.NET temporary files from shared server
- Hung, Stalled, Blank Page During WordPress Core, Plugins, Themes, etc. Upgrade
- Firefox Google Search Plugin for Australia (AU)