Almost every developer portal has API documentation, but many portals go a step further to build a community around their APIs by making the communication two way. This is done by allowing developers to use contact forms, post comments or create forum posts.
As any site administrator can attest, a problem with allowing your users to communicate is that you end up dealing with spam. If left unchecked, a site can be deemed worthless by your real customers and damage your brand.
Here are some ways you can reduce or prevent all spam from your developer portal:
Disable the ability for users to create content
If your users cannot create content, then you can remove spam from your site. This is the only way to guarantee you will not get any spam, and will reduce the time needed to maintain your site. However, it will also remove the ability for your developers to help you find out what documentation does not make sense, or get help from you or other developers through forums.
If you let users register on your site, you can still get fake accounts added to your system.
Moderate new user accounts
You can set user registration on your site to one of these three options, which is configurable under Configuration > People with the “Who can register accounts?” section:
Option #3 is good for preventing spam, but will take a lot of work. You will need someone that can constantly be reviewing each account. Also, if you are collecting a name and email address, how easily can you confirm that the account is valid?
Add CAPTCHA to your site
Easy to implement, but will annoy users especially if they have to keep filling out reCAPTCHA every time they log in. A downside is this will not stop real users from creating spam.
The easiest and most effective way to do this is to enable the reCAPTCHA module. You will then be able to use the preferences to add reCAPTCHA to any web form.
Moderate comments and forum posts
You can moderate all comments before they are published to the site by changing permissions. Go to People > Permissions, and under Comment is the Skip comment approval. Make sure that only the administrator role can skip approval. You can approve comments under Content > Comments.
Forum posts are actually nodes, so you will need to make sure those nodes are unpublished by default:
You will then need to edit that node and go under Publishing options and click the checkbox next to Published.
Or, you can allow the content to be published, but send an email to administrators or a moderator role to make sure it is not spam. To create a rule to trigger when a new content is created so that an administrator knows to approve it:
Use a content moderation service
Content moderation services such as Mollom work by analysing content sent to your site for spam, and will automatically flag them for spam for you. See how Mollom works for more info.
In order to use Mollom, you will need to:
Summary
Protecting your site isn't something you can "set and forget" due to the ongoing arms race between spammers and site administrators. The ideas above have worked well for many of our customers, but there are plenty of other Drupal modules to help prevent Spam.
Have you found any other ways to reduce spam in your Dev Portal? Post a comment and let us know!
Great tips, Chris.
About recaptcha - there is a limitation in the current module which allows the recaptcha to be added to only a single form per webpage. Often this works fine, but if the devportal admin enables the boostrap modal dialogs for user login and user registration, it means that only one of those forms gets the recaptcha. (I think the login).
There's a fix for the recaptcha module to allow it way to patch up the recaptcha to allow it to work with multiple forms on a page. It is not yet available in the mainstream recaptcha module, but it's benign on Drupal 7 and it works. Applying that fix is described here.
You can adjust various type of the content which you can use in the windows 10 and when we read about the how to delete cookies in windows 10 cookies then found some special type of the functions which really supported with the how to remove unwanted cookies in windows 10.