User-generated spam: Search Engine Land’s ultimate guide to Google penalties and messages


User-generated spam tends to be an issue for large, user-driven sites. If this penalty is applied, that generally indicates that the affected site is being exploited by spammers and black hats. Here, Google is essentially asking the site owner to get their own house in order — or else.

The message usually includes a sample URL where user-generated spam has been detected. Accordingly, the penalty’s impact, a removal from Google Search results, is limited to the exact URL or directory mentioned.

While this may seem like a small price to pay, it is important to see the big picture. Sites affected by user-generated spam often receive a lot of user-generated spam messages, even on pages not identified by Google. If the vulnerability isn’t swiftly taken care of, chances are there will be thousands of potentially malicious, user-generated pages which Google will remove from their index in order to protect their users.

Google has, on several occasions, provided general guidance on how to protect sites from user-generated spam through their Webmaster Central Blog, which is both useful and actionable. Ignoring a specific Google manual penalty message, which never is a good idea, is a particularly dangerous strategy in the case of user-generated spam. The fact that you’ve received a message indicates that Google deems the site useful but neglected. They thus raise the issue in order to help. Hoping for the best, or for Google to fix the issue at their end, isn’t going to solve the problem.

Solving user-generated spam is mostly a technical challenge and rather simple when compared with the previously discussed penalties applied for spam content.

The following security measures should be considered and implemented as necessary:

  1. Make sure your forum or discussion software is up to date, especially with regard to any security patches that have been issued.
  2. Use moderation capabilities for the following:
    1. Blacklist obviously spammy words or inappropriate words (like pharma-related) and continue to add to your blacklists based on spam that you’re seeing.
    2. Identify and review content when a single account or IP address accounts for a large volume of posts in a short time.
    3. Subject posts from new members or new posters to editorial review before they are published, lifting the restriction once they have established themselves as trustworthy.
  3. Limit users’ ability to link.
    1. Consider disallowing links entirely or allowing only trusted contributors with spotless track records to link to other sites.
    2.  If you allow links, you may nofollow them to remove some of the incentives to link externally.
  4. Close comments or discussion on threads after a reasonable period of time, as they’ll often collect spam after real users have ceased to engage on them.

Beyond getting you back in Google’s good graces, all of these steps are in the best interests of your business anyway, as they’ll help protect your brand integrity and your relationship with your user base.

User-Generated Spam Detected notification

User-generated spam can trigger limited spam removal action. The problem, if neglected, will likely grow and can prompt more severe consequences.