Preventing spam on Joomla: Difference between revisions
(3 intermediate revisions by 2 users not shown) | |||
Line 1: | Line 1: | ||
== | == Restricting spam == | ||
By default, Joomla has no option no enable comments, contacts or user registrations. Most of these options are managed through Joomla plugins/extensions. But these extensions will often allow by default that any user (or bot) can make comments, register an account, etc. To prevent these people or bots attacking your website, a few steps can be taken which are listed below. It can be the better option to completely not use comments or any other forms of contact, but of course this is not always possible. | |||
== | ==Detecting spam== | ||
As mentioned above, it's better in most cases to simply not allow comments or to restrict them very heavily than having to deal with spam. If you have no other choice, there are some options available to help you out. It's important to keep in mind that both options below rely on external service providers for some aspects of their spam detection. | |||
* Go to | === R Antispam === | ||
** | R Antispam is an extension for Joomla that works via the Bayesian algorithm to prevent spam on your Joomla website. It can protect you from spam on many different forms. On top of that, the extension is free to download and use. | ||
* | To use R Antispam follow these instructions: | ||
* | |||
* Go to https://extensions.joomla.org/extension/r-antispam/ and press the download button on the right side, to start downloading the extension | |||
* Go to the admin panel on your Joomla website | |||
* On the top of this page select the tab "Extensions" -> "Manage" -> "Install" | |||
* Press the green "Browse for files"-button, and select the .zip file you just downloaded in the first step | |||
* Now your plugin should be installed, but to make sure that it is working and active go to the tab "Extensions" -> "Manage" -> "Manage" | |||
* This will give you a list of all installed plugins. Now search for the R Antispam plugin and make sure that the status says active (a green V is shown) | |||
Now the plugin is working and spam can be prevented. | |||
===Google's reCAPTCHA=== | |||
CAPTCHA, originally from a complicated acronym, is a term used for different kinds of challenges to prevent automated scripts from trying to comment, register or login on websites. reCAPTCHA is a project owned by Google that is quite successful at designing these challenges. You probably know reCAPTCHA as the "I'm not a robot" checkbox you often have to press. More details are available on <nowiki>https://google.com/recaptcha</nowiki> | |||
To use Google's reCAPTCHA follow these instructions: | |||
* Go to google's reCAPTCHA administrator page(https://www.google.com/recaptcha/admin) and register your site | |||
* Navigate to the admin panel of your Joomla installation and select the tab "Extensions" -> "Plugins" | |||
* | * Search for 'recaptcha' in the search box and enable the "CAPTCHA - reCAPTCHA"-plugin by clicking on the status icon next to the name | ||
* Once complete it is '''critical''' that you configure your reCAPTCHA properly | |||
** Go to reCAPTCHA's configuration page by clicking the plugin's name in the same panel where you enabled it | |||
** Now fill in the required keys you got on google's reCAPTCHA's administrator page before | |||
** When finished entering these keys, press the "Save & Close" button to save your settings | |||
From now on, when for example registering an account, Joomla will ask to fill in a reCAPTCHA | |||
[[Category:Security & anti-spam]] | [[Category:Security & anti-spam]] | ||
[[Category:CMSs]] |
Latest revision as of 12:05, 2 September 2021
Restricting spam
By default, Joomla has no option no enable comments, contacts or user registrations. Most of these options are managed through Joomla plugins/extensions. But these extensions will often allow by default that any user (or bot) can make comments, register an account, etc. To prevent these people or bots attacking your website, a few steps can be taken which are listed below. It can be the better option to completely not use comments or any other forms of contact, but of course this is not always possible.
Detecting spam
As mentioned above, it's better in most cases to simply not allow comments or to restrict them very heavily than having to deal with spam. If you have no other choice, there are some options available to help you out. It's important to keep in mind that both options below rely on external service providers for some aspects of their spam detection.
R Antispam
R Antispam is an extension for Joomla that works via the Bayesian algorithm to prevent spam on your Joomla website. It can protect you from spam on many different forms. On top of that, the extension is free to download and use.
To use R Antispam follow these instructions:
- Go to https://extensions.joomla.org/extension/r-antispam/ and press the download button on the right side, to start downloading the extension
- Go to the admin panel on your Joomla website
- On the top of this page select the tab "Extensions" -> "Manage" -> "Install"
- Press the green "Browse for files"-button, and select the .zip file you just downloaded in the first step
- Now your plugin should be installed, but to make sure that it is working and active go to the tab "Extensions" -> "Manage" -> "Manage"
- This will give you a list of all installed plugins. Now search for the R Antispam plugin and make sure that the status says active (a green V is shown)
Now the plugin is working and spam can be prevented.
Google's reCAPTCHA
CAPTCHA, originally from a complicated acronym, is a term used for different kinds of challenges to prevent automated scripts from trying to comment, register or login on websites. reCAPTCHA is a project owned by Google that is quite successful at designing these challenges. You probably know reCAPTCHA as the "I'm not a robot" checkbox you often have to press. More details are available on https://google.com/recaptcha
To use Google's reCAPTCHA follow these instructions:
- Go to google's reCAPTCHA administrator page(https://www.google.com/recaptcha/admin) and register your site
- Navigate to the admin panel of your Joomla installation and select the tab "Extensions" -> "Plugins"
- Search for 'recaptcha' in the search box and enable the "CAPTCHA - reCAPTCHA"-plugin by clicking on the status icon next to the name
- Once complete it is critical that you configure your reCAPTCHA properly
- Go to reCAPTCHA's configuration page by clicking the plugin's name in the same panel where you enabled it
- Now fill in the required keys you got on google's reCAPTCHA's administrator page before
- When finished entering these keys, press the "Save & Close" button to save your settings
From now on, when for example registering an account, Joomla will ask to fill in a reCAPTCHA