Restricting spam

By default, Joomla has no option no enable comments, contacts or user registrations. Most of these options are managed through Joomla plugins/extensions. These extensions will allow by default that any user (or bot) can make comments, register an account, etc. To prevent these people or bots attacking your website, a few steps can be taken that are listed below.

Detecting spam

R Antispam

R Antispam is an extension for Joomla that works via the Bayesian algorithm to prevent spam on your Joomla website. It can protect you from spam on many different forms. On top of that, the extension is free to download and use.

To use R Antispam follow these instructions:

  • Go to https://extensions.joomla.org/extension/r-antispam/ and press the download button on the right side, to start downloading the extension
  • Go to the admin panel on your Joomla website
  • On the top of this page select the tab "Extensions" -> "Manage" -> "Install"
  • Press the green "Browse for files"-button, and select the .zip file you just downloaded in the first step
  • Now your plugin should be installed, but to make sure that it is working and active go to the tab "Extensions" -> "Manage" -> "Manage"
  • This will give you a list of all installed plugins. Now search for the R Antispam plugin and make sure that the status says active (a green V is shown)

Now the plugin is working and spam can be prevented.

Google's reCAPTCHA

CAPTCHA, originally from a complicated acronym, is a term used for different kinds of challenges to prevent automated scripts from trying to comment, register or login on websites. reCAPTCHA is a project owned by Google that is quite successful at designing these challenges. You probably know reCAPTCHA as the "I'm not a robot" checkbox you often have to press. More details are available on https://google.com/recaptcha

To use Google's reCAPTCHA follow these instructions:

  • Navigate to the admin panel of your Joomla installation and select the tab "Extensions" -> "Plugins"
  • Search for 'recaptcha' in the search box and enable the "CAPTCHA - reCAPTCHA"-plugin by clicking on the status icon next to the name
  • Once complete it is critical that you configure your reCAPTCHA properly
    • Go to reCAPTCHA's configuration page by clicking the plugin's name in the same panel where you enabled it
    • Now fill in the required keys you got on google's reCAPTCHA's administrator page before
    • When finished entering these keys, press the "Save & Close" button to save your settings

From now on, when for example registering an account, Joomla will ask to fill in a reCAPTCHA