Akismet Silverstripe Module
Simple spam filter for Silverstripe using Akismet
Also, please report any issues you may encounter, as it helps us all out!
Please see the changelog for module history.
- Damian Mooyman - https://github.com/tractorcow/silverstripe-akismet
- Attribution to Tijs Verkoyen for his Akismet API wrapper - https://github.com/tijsverkoyen/Akismet
- Silverstripe ^4 || ^5
- Silverstripe SpamProtection module - https://github.com/silverstripe/silverstripe-spamprotection
- Tijs Verkoyen's Akismet API wrapper - https://github.com/tijsverkoyen/Akismet
Note: For a Silverstripe 4.x compatible version, please use 4.x release.
This module can be easily installed on any already-developed website
- You can install using Composer, as below:
composer require silverstripe/akismet
AkismetSpamProtector
is automatically assigned as the default spam protector class.
- Get an API key from akismet.com and set in the site against one of the following ways.
config.yml:
---
Name: myspamprotection
---
SilverStripe\Akismet\AkismetSpamProtector:
api_key: 5555dddd55d5d
_config.php:
use SilverStripe\Akismet\AkismetSpamProtector;
AkismetSpamProtector::singleton()->setApiKey('5555dddd55d5d');
.env:
SS_AKISMET_API_KEY="5555dddd55d5d"
If instead you want to configure your akismet key via the siteconfig (as a password field) you can add the included extension to SiteConfig
mysite/_config/settings.yml:
SilverStripe\SiteConfig\SiteConfig:
extensions:
- SilverStripe\Akismet\Config\AkismetConfig
Please note that the API key values defined in the various ways above will be prioritised as:
- Values assigned to the singleton via
AkismetSpamProtector::singleton()->setApiKey()
- Values defined in configuration, whether YAML or in _config.php files with
Config::modify()->set(...)
- Values defined in the environment via .env
By default, spam protection is disabled for users with ADMIN priviliges. There is also an option to disable spam protection for all logged in users. In order to disable this for testing purposes, you can temporarily modify these options in your development environment as below:
use SilverStripe\Akismet\AkismetSpamProtector;
use SilverStripe\Control\Director;
use SilverStripe\Core\Config\Config;
if (!Director::isLive()) {
Config::modify()->remove(AkismetSpamProtector::class, 'bypass_permission');
Config::modify()->remove(AkismetSpamProtector::class, 'bypass_members');
}
In order to check that your form is blocking spam correctly, you can always set 'viagra-test-123' as the author and Akismet will always mark this as spam.
If you're using Comments module you can quickly set akismet to filter these out by adding the CommentSpamProtection
extension to the CommentingController
config.yml
SilverStripe\Comments\Controllers\CommentingController:
extensions:
- CommentSpamProtection
If necessary, you can also mark spam comments to be saved to the database. This will still display the spam rejection notice, but spam comments will now be available for moderation in the backend. In order to enable this feature add the following to your configuration.
config.yml
# Allows spam posts to be saved for review if necessary
SilverStripe\Akismet\AkismetSpamProtector:
save_spam: true
To enable spam protection in your custom forms, call the enableSpamProtection method with your field names mapped to the akismet fields:
$form = new Form($this, 'Form', $fields, $actions, $validator);
$form->enableSpamProtection(array(
'mapping' => array(
'Name' => 'authorName',
'Email' => 'authorMail',
'Comments' => 'body'
)
)
);
Because of the way Akismet works (message, author, and other information sent to a third party) in some countries it's legally necessary to notify and gain the user's permission prior to verification.
To create a checkbox style authorisation prompt for this field set the following configuration option:
config.yml
SilverStripe\Akismet\AkismetSpamProtector:
require_confirmation: true
_config.php
Config::modify()->set(AkismetSpamProtector::class, 'require_confirmation', true);