Although this one has been quite a while on the native module list in your back office, we hadn’t announced it’s availability, yet. So here goes!

A lot of users have been complaining about spammers for a while. At the moment it is easy to grab the URL of a contact form an spam a merchant. This module allows you to add a captcha to the login form, the registration form, the password forgotten form, the contact form and the back office login. By adding a captcha it is no longer possible to automatically create accounts, spam the contact form or brute force a password recovery. The captcha is provided by Google and its official name is the No CAPTCHA reCAPTCHA. Why name it like this? Well, the module no longer asks you to type the captcha, but instead will ask you to tick the checkbox. If Google is uncertain whether you might be spamming or be a bot, it’ll show you a few photos or other means to determine whether you are human.

captcha added to the contact form

The following happened after trying to spam the page (refreshed more than 4 times in one minute):

Don't try to spam ;)

Easy peasy, right? If you are visually impaired, this captcha will also allow you to listen to an audio recording instead. The captcha works on all devices, including smartphones.

 

Configuration

Unfortunately the module is unable to use native hooks. Due to backwards compatibility we weren’t able to add the best hooks for this module, but we have plans to do so with 1.1. This means that configuring this module might be a little harder than you are used to. The module works out of the box with a few standard themes (including the default community theme), but themes with more customizations might need a little extra configuration.

The configuration steps are, finding the captcha keys, entering them, enabling the captcha for several forms and, if needed, tweaking the advanced settings.