Skip to main content

Keep Malicious Content Out Of Your Blog

Every day or so, we see reported from concerned bloggers, about unknown content in their blogs.
Where did those ads come from? I didn't add them!
How do I keep this other blogger from posting porn links in my blog?
As we add content to our blogs, and make them fun, interesting, and shiny, to attract readers, we risk adding undesirable content. This is a constant problem.

The bad guys are out there - and the more fun, interesting, and shiny your blog is, the more it's likely to have readership, reputation, and value.

The more readership, reputation, and value that your blog has, the more attractive it is to the bad guys. And the bad guys have various ways to attack a given blog.

  • Malicious Comments
  • Malicious Posts
  • Malicious Accessories
  • Malicious Blog Members
  • BlogList / Feed Gadgets

Malicious Comments

One of the easiest way to add third party content to your blog is from allowing comments.

Comments are contributed by people who, at best, you simply do not know. Any content from someone who you do not know can always be malicious, or obnoxious in some way.

Some blog owners will try to identify and block individual commentors. I will continue to insist that anybody who you should fear will not be bothered greatly by anything that you can do here.

You absolutely must moderate comments, or risk having a blog known for hosting malicious links - or worse.

Malicious Posts

Besides comments, posts are a constant concern. If you have a team blog, you have to be able to trust the other members in the blog.

Post moderation, using post editor to publish, isn't an option. Anybody who you make an author can publish what they feel like publishing. You can only moderate posts after they are published, when using post editor.

An alternative to using post editor to publish is Mail-to-Blogger, where contributions are emailed to the blog. If Mail-to-Blogger is setup to publish straight to the blog, and the bad guys figure out your MTB account and password, you'll have malicious content a plenty.

You can moderate before publishing, using Mail-to-Blogger.

Malicious Accessories

Any time that you install third party accessories of any type, you are placing your blog at risk.

Don't be overly paranoid - you have to make your blog interesting to your readers. But do keep the risks in mind.

This is similar to layered security for your computer, which is a related concern here.

Malicious Blog Members

Sometimes, possibly having unwisely installed a third party accessory, the install process may have enabled the addition of an unknown member to the blog. The unwanted content may be added by the attacker, using this unknown blog member.

If none of the above advice offers you an explanation for the existence of unwanted content, check your blog member list.

BlogList / Feed Gadgets

Occasionally, we may Follow a blog where the owner will later decide to try to get more traffic to the blog, and will redirect the blog feed to a cloud of random blogs. If you are Following such a blog, or have such a blog in your BlogList or Feed gadget, you'll see your BlogList or Feed gadget show odd content - and frequent spam.


mrduncan2k said…
Can you please offer some assistance?


I have found postings that qualify as SPAM

I have no idea how they showed up on my DASHBOARD but now that they are there I can’t find a way to delete them or to keep others from appearing.

I moderate comments coming in for posting or not, but there is no apparent way to rid myself of this problem, there is no delete button available.
Chuck said…

I have found postings that qualify as SPAM

I have no idea how they showed up on my DASHBOARD

You need to start a discussion in BHF: Something Is Broken, so we can explore this in detail.
Ellie K said…
You rule as the definitive Anti-Spam Czar! I just found my way here after months of seeing your "nite" doppelganger on Google Product sites.

What a clever implementation of the Blogger template: I don't have a glimmer of an idea how you did some of these customizations.

You seem altruistic, assisting the bloggers-in-dire-need on Google Blogger Help. I have been, and will continue to be, one of those folks.

Well done, and thank you!

Popular posts from this blog

Stats Components Are Significant, In Their Own Context

One popular Stats related accessory, which displays pageview information to the public, is the "Popular Posts" gadget.

Popular Posts identifies from 1 to 10 of the most popular posts in the blog, by comparing Stats pageview counts. Optional parts of the display of each post are a snippet of text, and an ever popular thumbnail photo.

Like many Stats features, blog owners have found imaginative uses for "Popular Posts" - and overlook the limitations of the gadget. Both the dynamic nature of Stats, and the timing of the various pageview count recalculations, create confusion, when Popular Posts is examined.

Free Domain Registration By "UNONIC" Is Fraudulent

Blogger blog owners, like everybody else, like to save money.

Some blog owners prefer to save money when registering a custom domain, for their blogs. We've seen several free domain registration services, providing what is claimed to be a two level Top Level Domain "co.xx" (where "xx" == various country codes).

The latest in this ongoing story appears to be "" - and 13 other "top level domains".There is also an additional free service offering third-level .tf domains, under the name United Names Organisation. They occupy 14 second-level domains, including,,, and They are run by the same company as, and are given away as URL redirections.