Kratos Anti Spam is a Joomla plugin, built to stop bots from sending spam through all website forms (i.e.: contact forms, VirtueMart ask a question, comments, etc.)
You can try the plugin before purchasing
The DEMO version works for 3 days for any domain name (localhost domain name is disabled)
To install Kratos Anti Spam on your Joomla website please follow the guide below:
Done! Your website is protected against any bots.
We will mimic a spam bot and try to send a form to this website, for this example we will send a post search request.
Please click on "Demo" button to see what happens when a post request is protected by Kratos Anti Spam.
Below is the source code for a curl post request, how a bot would submit spam to your website:
$url = "http://www.softpill.eu"; $reffer = "http://www.softpill.eu"; $post_fields = 'searchword=kratos&task=search&option=com_search&Itemid=101'; $cookie_file_path = "./cook"; $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, $post_fields); curl_setopt($ch, CURLOPT_REFERER, $reffer); curl_setopt($ch, CURLOPT_COOKIEFILE, $cookie_file_path); curl_setopt($ch, CURLOPT_COOKIEJAR, $cookie_file_path); curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); $result = curl_exec($ch); curl_close($ch); echo $result;
Another feature of Kratos Anti Spam is to block resending the same post request, i.e.: user completes a form and sends it, and then refreshes the page, resubmitting the same request, this duplication is blocked.
To stop protection when users are logged in, please go to plugin settings and choose "No" for "Protect if logged" setting.
In plugin settings you may choose to protect your Joomla website in front-end, administration back-end or both.
If your website gets slower after installing the plugin, please go to plugin settings and set "No" the "Ajax Key Request" setting, which is default to "Yes".
Because Kratos Anti Spam will block all POST requests that are not checked by itself, you need to add in the plugin configuration as exceptions the URLs that your payment gateway uses for notifying your website, if you need assistance please contact support.