Joomla extensions have moved!

Galaxiis (formely creates industry leading premium Joomla Extensions and is the longest running Joomla extensions provider since 2005.

Powerful Joomla extensions. - Excellent documentation. - Amazing support.

Visit now

So I have just finished and test the integration of a hashcash challenge (MD5) into the com_akocomment component...using the code of this page only an extract but all credit to original authors:
  • C.S. -
  • Gene Shepherd -
  • John F
  • Magenson -
  • Matt Mullenweg -
  • Matt Warden -
  • Paul Andrew Johnston -
    and to  Arthur Konze, the author of com_akocomment : This email address is being protected from spambots. You need JavaScript enabled to view it.

I must also pack everything into a new version of the component or better say refactored the code a little bit, because it is still full of debug statements...

robot wo want to submit spam comments must pay the prize (using cpu time, approx. 100 hashcash max. each minute on a high end computer) and compute manually (can not be automated by submitting directly to the form) a Hashcash (

Extract form the document of wp-hashcash:
"Wordpress Hashcash
Taking Matt’s stopgap spam solution, which sends precomputed hashes to be echoed back by the user-agent’s form, I’ve added dynamic generation of the md5 hash. Rather than write it to a hidden field, we wait until the form is submitted to compute the hash. This prevents spammers from automatically scraping the form, because anyone wanting to submit a comment *must* execute the javascript md5.
This plugin used to be called “Spam Stopgap Extreme.â€? Now it’s been moved to the WP plugins repository under the new name “Wordpress Hashcash.â€? All future development will take place through the plugins repository.
New Features:
  • Log and emailing of spam, for your records
  • Client-side hash required.
  • The “Keyâ€? is hashed once before output to the html form–so spammers can’t make sense of it, and then hashed on the client side, again.
  • The “Keyâ€? is now a time-dependent, visitor dependent hash, for more variability. You can’t just compute the right md5 once, because it’s always changing.
  • Failure to compute the md5 hash results in a 1 minute timeout penalty. "

Expect a release before week end...But I must also inform Arthur Konze first for a feedback
Then I will add the same code in login page (because generizing the code),in order  to avoid brute forcing password in admin login page....and in guestbook (because I was spammed many times last week)

You might like also

3 New Icons Packs for AKoComments 2.5
Attention: I did not rename the inserted tag correctly (I mean there is no grammar across settings.php) that means that migration from one theme to the other can be difficult. If someone want to invest some time and identify each smileys in each pack and assign the good description in settings.php.... for example a smiling smyleys should have : - )click more for pictures.....available in download section...enjoy! …
5466 Days ago
No Thumbnail was found
Your project registration for MamboForge has been approved.Project Full Name: hashcash for Mambo - cryptographic fwProject Unix Name: hashcashCVS Server: Shell/Web Server: visit it at …
5468 Days ago
AkoComment 2.5 unofficial release in Download section
with antispamming and smileys skinning facilities...Not endorsed by Arthur Konze, All credits to Athur Konze. …
5468 Days ago
No Thumbnail was found
Your project registration for MamboForge has been approved. Project Full Name: Log4PHP for Mambo - logging framework Project Unix Name: log4php4mambo CVS Server: Shell/Web Server: log4php4mambo.mamboforge.netIntegration of the famous LOG4J technology into Mambo Help any components, modules, mambots to have a way to create accurate informations in server logs files: Concepts: Origine of code: …
5469 Days ago
Ako comment smileys icons pack
I've slightly modified ako_comment to accept smileys packages....All You have to copy a new directory in \components\com_akocomment\packs\A smileys package MUST contain a file settings.php, for example I have a components\com_akocomment\packs\exoticThe name of the package will have to be save in the admin panel<?php $smiley[':cats'] = "cats.gif"; $smiley[':doctor'] = "doctor.gif"; $smiley[':cry'] = "cry.gif"; $smiley[':mad'] = "mad.gif"; $smiley[':eek'] = "sm12.gif"; $smiley[':upset'] = "sm25.gif"; $smiley[':zzz'] = "sm_sleep.gif"; $smiley[':vroum'] = "VroumVroum06.gif";?>This will let You choose very easily your own smileys...Expect a release tomorrow in …
5470 Days ago
Mambo com_akocomment antispam patch
Comments are welcomed!Here we go....I've patched the component Ako comment of Arthur Konze with a hashcash technology....:A new form hidden field:with a random name (Hname),with a random MD5 value (Hvalue),is now send to the user.If the user want to submit a comment, a browser has to:Locate the random hidden field name (Hname) with javascript: (function replace())Rehash with a javascript MD5 the hidden field value (Hvalue) (and this is time consuming for spammer :-) )and send everything to server.If the spammer …
5472 Days ago
No Thumbnail was found
I use previously Jedit ( and reach the limit very fast (no versionning, no helper, nothing...) I recommend to any serious developer to install:Eclipse from freePHPEclipse plugin from phpeclipse freeA concurent versionning system: CVS fro windows CVSNT freeA runnable Mambo environment like EasyPHP free …
5475 Days ago
No Thumbnail was found
Log4PHP Sick of echo "" and useless debug or error statement in PHP logs? Log4PHP is the famous brother of Log4J, and therefore it is a must for every average developer. I have packed log4PHP into a Mambo component. Enjoy!!!TODO: provide a editor for the configuration file inside the administration panellink in download section.... …
5475 Days ago
No Thumbnail was found
A Patch to protect Mambo administrator login page against brute force password attack! How it is working? It is a component com_hashcash containing alls script to create a MD5 key in PHP and javascript, and verifying a challenge.The server is sending inside a hidden field a MD5 value which is directly linked to the server, user sessionid, time.The client will have to encrypt with a MD5 javascript (costly cpu operation for a spammer) the value of this hidden field and …
5476 Days ago
No Thumbnail was found
SiteMap component (aka com_jm_sitemap) use on my homepage release in download section under GNU General Public License. You can find a living example in main menu under SiteMap/TOC).all credits goes to Copyright (C) James Mayer, Portland, OR USAChangelog: - reformating of source code, - add creation date for articles - add hits for articles - change pictures color and motifFuture:- different news icons for articles newer than 1 week, 1 months. - backend admin panelKnow bugs: - do not use …
5524 Days ago