k2 not protected from comments spam

K2 is probably the most popular Joomla component today. It enables Joomla with two very important features that in our opinion should be incorporated into the core Joomla. Besides the many other features, the two most important features are content tagging and comments on articles. The comment form in your article pages is one of the most often used for spamming. There's no better way for a spammer to get a link from your site than to leave a pointless comment on your article.

Fighting against the spam in the comments is one of the dullest things that you do while maintaining your website. You must check all the comments daily and separate the valuable ones from the spam. But, what could happen if somebody tries to write 250.000 spam comments on your site in one single day which happened to us recently? Your site would probably go down! Your web hosting provider would block your site asking you to inspect and resolve the issue.

k2 not protected from comments spamAfter installation of the K2 component, the comments in it will be "unlocked" for the spammers. Everybody could write a comment without registering an account. Also, the comments will be automatically published without reviewing. After installation of the K2 component, go to K2 parameters (click the Parameters icon in the top-right corner). Then go to the Comments tab, and you'll see what we illustrated in picture 1. So, your comments are completely open to bombarding your site with unwanted content.

Therefore, the first thing that you should change in parameters immediately after the setup of the K2 component, is the way how it handles new comments and who is allowed to comment. I suggest allowing comments for the registered users only. Also, you should set in your global Joomla configuration that verification of email for new accounts is mandatory. This will require more work from the potential spammers to write comments on your site. Also, you should disable the comments auto-publishing. This means that every comment must be manually confirmed before it's published. When spammers or spambots see their comments are not published, they will probably leave your site alone. In addition, you should consider enabling reCaptcha, but in this case, you must register on reCaptcha's site and enter your account details in the Advanced tab of the K2 parameters. Please take a look at the image 2.

k2 not protected from comments spamLet's conclude. If spammers and spambots found your site is open and doesn't have any protection for writing comments, they will flood your site with unwanted content. This amount of this content can be so large that it could violate your server's stability and in most cases, it will lead to the stopping of MySQL service. After this, your website will be unavailable.

So, if you are using K2 take this advice seriously and protect your site. We will take this opportunity to remind you that we designed several Joomla templates that have full support for K2. These are Hot Cinema, Hot Wedding, Hot Responsive and Hot Model Agency. More are coming soon!