Preventing typosquatting
How to prevent typosquatting using Algolia’s sort-by feature.
Algolia and other search engines default to giving preference for exact matches. In some use cases, this can be used to take advantage of people’s typing mistakes and get ranked high on a popular search query.
For example, consider Twitter users. An example of typosquatting is the account @BarakObama, which has 15.8k followers, but isn’t @BarackObama (Barack Obama’s official account). Because Algolia prioritizes exact matches, typing “BarakObama” would return the “BarakObama” record first, regardless of custom ranking.
Not all use cases need to prevent typosquatting.
However, if this is your case, which often happens when you have to deal with user-generated content, you may need to put a strategy in place.
Dataset example
Back to the Twitter example: assume you have an index called twitter_accounts
that looks like this:
Even if you set descending custom ranking on nb_followers
, because Algolia prioritizes exact results, the @BarakObama account would benefit from the traffic coming from users making a typo when searching for the official Barack Obama account.
You can short-circuit this issue by leveraging Algolia’s sort-by attribute feature.
Update the dataset
The recommended solution is to add a boolean attributes that separates popular records from the rest. For example, you could add something like is_verified_account = true
, or is_popular = true
, and sort on that attribute.
For this approach to work well, the number of records with is_popular
or is_verified_account
set to true
should be a small subset of the dataset (around 1% of the dataset maximum).
You have a popularity metric (nb_followers
), so you can use it to define a rule that determines if a record is popular or not. In this example, you could say that a user is popular if they have more than a million followers.
You can use the browse
method to update the index:
Once updated, your dataset would look like this:
By default, the first rule in Algolia’s ranking formula is typo
(which, for the vast majority of use cases, is a sensible default value).
To prevent typosquatting, you need to add another ranking signal that’s higher than the typo
rule. This is what Algolia commonly refers to as a sort-by attribute.
When your ranking has been applied, searching for “BarakObama” will first return the “BarackObama” record.
Add a sort-by attribute in the dashboard
-
Go to the Algolia dashboard and select your Algolia application.
-
On the left sidebar, select Search.
-
Select your Algolia index:
-
On the Configuration tab, select Ranking and Sorting.
-
Click Add sort-by attribute and type or select your attributes.
-
Save your changes.
Add a sort-by attribute with the API
To set a sort-by attribute, you need to use the ranking
with the setSettings
method.
Was this page helpful?