CAPTCHA is No Longer Sufficient
Sophisticated spammers are now circumventing CAPTCHA codes on websites using techniques such as:
- low paid human workers manually entering the codes
- clever spam bots that use OCR to decipher the codes
- high traffic websites owned by the spammers that redisplay the a target website CAPTCHA code on their own website, have it solved by a visitor and then use the solution on the website they wish to spam
At least one of my clients is affected and a better solution is required.
Keeping One Step Ahead of the Spammers
There are several services on the web such as projecthoneypot.org and stopforumspam.com that maintain lists of the IP addresses of known spammers and hackers. We can team these services up with a suitable Joomla extension to stop the spammers from accessing the website at all.
I have chosen Akeeba Admin Tools Professional as my preferred solution. An Admin Tools Professional subscription at €20 is excellent value for money and has many other useful features apart from the IP Address blocking.
Enable protection in Akeeba Admin Tools as follows:
- Register an account and apply for a key at http://www.projecthoneypot.org/httpbl_configure.php (it's free)
- At Components -> Admin Tools -> Web Application Firewall -> Configure WAF -> Project Honeypot integration, set:
- Enable HTTP:BL filtering: Yes
- Project Honeypot HTTP:BL Key: [enter your own key here]
Known hackers and spammers will now be blocked from accessing your Joomla website.
Free Spam Protection
Some promising free extensions (so far untested by me) are:
- HTTPBL - Project Honeypot Blocklists Plugin which checks against projecthoneypot.org.
- SpambotCheck which checks against several databases, such as projecthoneypot.org, sorbs.net, spambusted.com, stopforumspam.com and spamcop.net.
What are you using to foil spammers?