Akismet antispam module for Silverstripe

Installs: 142 246

Dependents: 1

Suggesters: 0

Security: 0

Stars: 2

Watchers: 6

Forks: 11

Open Issues: 5


4.5.1 2024-02-07 02:56 UTC


Akismet Silverstripe Module

NOTE: This module is no longer commercially supported in Silverstripe CMS 5 and it does not provide a CMS5-compatible version. The parent library is outdated and there are better alternatives like UndefinedOffset/silverstripe-nocaptcha.


Simple spam filter for Silverstripe using Akismet

Also, please report any issues you may encounter, as it helps us all out!

Please see the changelog for module history.

Credits and Authors


Note: For a Silverstripe 3.x compatible version, please use the 1.x release line.

Installation Instructions

This module can be easily installed on any already-developed website

  • You can install using Composer, as below:
composer require silverstripe/akismet ^4.0

AkismetSpamProtector is automatically assigned as the default spam protector class.

  • Get an API key from and set in the site against one of the following ways.


Name: myspamprotection
  api_key: 5555dddd55d5d


use SilverStripe\Akismet\AkismetSpamProtector;




If instead you want to configure your akismet key via the siteconfig (as a password field) you can add the included extension to SiteConfig


    - SilverStripe\Akismet\Config\AkismetConfig

Priority of defined API keys

Please note that the API key values defined in the various ways above will be prioritised as:

  1. Values assigned to the singleton via AkismetSpamProtector::singleton()->setApiKey()
  2. Values defined in configuration, whether YAML or in _config.php files with Config::modify()->set(...)
  3. Values defined in the environment via .env


By default, spam protection is disabled for users with ADMIN priviliges. There is also an option to disable spam protection for all logged in users. In order to disable this for testing purposes, you can temporarily modify these options in your development environment as below:

use SilverStripe\Akismet\AkismetSpamProtector;
use SilverStripe\Control\Director;
use SilverStripe\Core\Config\Config;

if (!Director::isLive()) {
	Config::modify()->remove(AkismetSpamProtector::class, 'bypass_permission');
	Config::modify()->remove(AkismetSpamProtector::class, 'bypass_members');

In order to check that your form is blocking spam correctly, you can always set 'viagra-test-123' as the author and Akismet will always mark this as spam.


If you're using Comments module you can quickly set akismet to filter these out by adding the CommentSpamProtection extension to the CommentingController


    - CommentSpamProtection

If necessary, you can also mark spam comments to be saved to the database. This will still display the spam rejection notice, but spam comments will now be available for moderation in the backend. In order to enable this feature add the following to your configuration.


# Allows spam posts to be saved for review if necessary
  save_spam: true

Custom Form Usage

To enable spam protection in your custom forms, call the enableSpamProtection method with your field names mapped to the akismet fields:

$form  = new Form($this, 'Form', $fields, $actions, $validator);
  'mapping' => array(
    'Name' => 'authorName',
    'Email' => 'authorMail',
    'Comments' => 'body'

Important notes for those in the EU

Because of the way Akismet works (message, author, and other information sent to a third party) in some countries it's legally necessary to notify and gain the user's permission prior to verification.

To create a checkbox style authorisation prompt for this field set the following configuration option:


  require_confirmation: true


Config::modify()->set(AkismetSpamProtector::class, 'require_confirmation', true);