Configuration
Add-on Settings
Security Levels
Snaptcha offers three levels of security:
High - requires javascript (blocking most spam bots) and only allows a form to be submitted once (preventing multiple unwanted form submissions)
Medium — requires javascript (blocking most spam bots) and allows multiple form submissions
Low — does not require javascript (relies on spam bots filling in all input fields)
We recommend using the high security level where possible and modifying the error message to suit your chosen security level and users. Please note that if using the high security level you should not use template caching on templates that will use Snaptcha.
Field Name Prefix
The prefix for the hidden snaptcha field (should be a unique value, a random suffix will be used)
Member Registration and Login Validation
Whether to enable validation of member registration and login forms (see below for details)
Rejected Form Submission Logging
Whether to enable logging of rejected form submissions (see below for details)
Error Message
The message to display if the user is believed to be a spam bot
Logging
If you set Rejected Form Submission Logging to “Enabled” then any rejected submissions will be logged to the log.txt
file in the Snaptcha folder. The file must be writable so ensure that the permissions are set to at least 666.
Testing Snaptcha
If you want to test or see how Snaptcha works on your site then navigate to one of your forms, open your browser’s inspector or use Firebug and delete the input field that Snaptcha inserted. It will usually be towards the bottom of your form’s markup and will have an id that begins with the prefix in your extension settings (“snap” by default). After deleting the input field, submit the form and the error message from your extension settings should appear.
Comparison with Honeypot
The Honeypot captcha method is similar to Snaptcha’s low security level. It simply adds a hidden input field to the form and “hopes” that spam bots will enter a value into it, thereby giving them away as bots. Snaptcha’s medium and high security levels are far more secure than Honeypot, requiring javascript and the latter only allowing single form submissions. This means that the vast majority of spam bots will be blocked.
Using Snaptcha
Snaptcha will automatically add a hidden field to your forms and will validate it on submission. If it determines that a spam bot is attempting to submit the form then it will prevent the form from being submitted and will output the error message.
The following forms are supported:
Comment form
Safecracker form
Channel form (since EE 2.7)
Forum submission form
Freeform and Freeform Next
FormGrab
Zoo Visitor registration form
ProForm
DevDemon Forms
Member login form
Member registration form [1]
User Module registration form [2]
FreeMember registration form [2]
Threaded Comments form
Google Custom Search form
Email Form add-on
Solspace Rating form
IntoEEtive Stand-Alone Member Register form [2]
Email Module [3]
[1] If you set Member Registration and Login Validation to “Enabled” and you are using EE’s native Member Profile Templates then you must manually append the html code provided to the registration form as the member module does not have a hook that would allow Snaptcha to do this automatically. This method will only work with the medium
and low
security levels. By default this is found by going to Design > Themes > Member Profile Templates > Default > Registration Form.
[2] If you set Member Registration Validation to “Enabled” and you are using regular templates to generate your registration or logout forms then you must manually append a template tag to the form. Add the template tag {exp:snaptcha:field}
to the bottom of the form when using the User Module, FreeMember or IntoEEtive’s Stand-Alone Member Register.
[3] The native Email Module does not have the necessary extension hooks for Snaptcha to support it, however Snaptcha 1.7.1 introduced the methods for making it work. To add support for the Email Module forms you will need to manually add the following blocks of code to mod.email.php
in the module’s folder:
Last updated