-2
Users are allowed to post on our website and we have started to get some spam. We have a background process that removes most of them after a few minutes, but are integrating a better solution that blocks on ingestion. This way they never make it to the site.
My concern is that if we give them a big “we’ve detected spam” error, they’re going to keep trying until they eventually get through. Our background process likely wouldn’t pick up this new spam either, and now we’re in an even worse state.
What’s the best convention for dealing with these posts? Just pretend that it posted and silently fail? Show a more generic error message?
2
2
I think there is a pretty standard practice for this
- Add a CAPATCHA
- If CAPATCH is passed but spam is detected, move to a review queue instead of publishing
- User can see their own review posts as if they were published but others can’t
- Optionally have a human process the review queue.