Tired of frustrating, unreadable CAPTCHAs that leave users scratching their heads? Captcha - HashCash is a groundbreaking Joomla plugin that redefines form validation—without the hassle. Unlike traditional CAPTCHAs that rely on third-party services, mangled text, or complex puzzles, HashCash offers an invisible, JavaScript-based solution that requires nothing from your users but a modern browser—no external services, no extra cookies, making it a perfect fit for GDPR and EU e-Privacy Directive compliance. Say goodbye to deciphering distorted words, solving math problems, or matching photos—your visitors won’t even know it’s there!
The Invisible Shield Against Bots
Originally proposed by Adam Back in 2002, HashCash leverages a brilliant concept: it demands a complex calculation embedded in your form, one so computationally intensive (requiring hundreds or thousands of attempts to solve) that bots or malicious scripts would waste prohibitive amounts of processor time trying to crack it. When a user arrives at your form, the calculation runs silently in the background, completed automatically via JavaScript. The server then verifies the solution with a single, lightning-fast check—if correct, the user proceeds; if not, the submission fails. Bots relying on Python scripts or basic automation? They’re out of luck—they must use a JavaScript-enabled browser to pass, making form abuse a thing of the past.
v5.2.17
P
Seamless and User-Friendly
The beauty of HashCash lies in its invisibility. Your users won’t see or interact with it—it happens effortlessly behind the scenes, ensuring a frictionless experience. Whether they’re submitting a contact form, registering, or reporting a bug, they’ll enjoy a smooth process while your site remains protected. Want to see it in action? Visit our bug reporting page (link below)—while you won’t notice the CAPTCHA itself, watch your process monitor (e.g., top in Linux) to catch a CPU spike as the calculation runs!
HashCash - Simple, Powerful Configuration
Setting up "Captcha - HashCash" couldn’t be easier. Open the plugin, choose your desired difficulty level—ranging from 1 (minimum) to 4 (maximum)—to balance security and performance. For an extra layer of protection, enable the optional delayed calculation feature: the script waits until the user interacts with the form, foiling bots that rush submissions or linger too long. Bots waiting for the CAPTCHA? They’ll wait forever. Bots submitting too quickly? They’ll miss the mark.
Privacy-First Design for GDPR Compliance
In an era of stringent privacy regulations like the GDPR and EU e-Privacy Directive, "Captcha - HashCash" stands out as an ideal solution. Traditional CAPTCHAs often rely on external services (e.g., Google reCAPTCHA), which can introduce third-party cookies and tracking mechanisms—potential headaches for website owners aiming to comply with EU laws. HashCash eliminates these concerns entirely. By operating solely within your site’s JavaScript environment, it avoids external dependencies and prevents additional cookies from being placed on user systems. This self-contained approach not only enhances user trust but also simplifies compliance with privacy standards, making it a go-to choice for privacy-conscious developers and businesses.
Cutting-Edge Captcha Technology (2002 meets 2025)
Powered by the Web Cryptography API and Subtle.Crypto, "Captcha - HashCash" harnesses modern JavaScript capabilities to deliver a lightweight, efficient solution. No third-party dependencies, no server strain—just robust, autonomous protection for your Joomla forms.
Protect your Joomla forms effortlessly with "Captcha - HashCash"—the painless, invisible CAPTCHA that keeps bots at bay while delighting your users by not forcing them to do tricks like a trained animal.
Advanced HashCash Features
They abuse your site, now you can abuse their bot. While monitoring for abnormal activity, the plugin CAN alter the calculation if a bot is detected. This alteration causes the solution to be impossible. The bot will calculate FOREVER, and if by magic - the bot manages to achieve the answer, the answer will be wrong. This feature is turned OFF by default so you can decide if you want to do this.
I posed the moral dilemma to the Joomla forums and received 100% approval. In the opinion of the forum, if they abuse your form - they deserve what they get.
Fully Secure
Avoiding misunderstandings, this extension has never been found to have any vulnerability. This CVE from 2006 is not plg_captcha_hashcash.
CVE-2006-3750 is for a different Joomla extension.
Fancy a Demo?
Visit the Contact Us link in the footer! There is, of course, nothing to see except a spinning (and disabled) submit button until you interact with the form.
Practical Applications
HashCash Features
- Configurable Difficulty: Adjust the calculation intensity from 1 to 4 for optimal security.
- Invisible Protection: No mangled text, math problems, or user interaction—just seamless defense.
- Automatic Completion: Runs silently in the background with JavaScript.
- Bot-Proof Design: Requires a JavaScript-enabled browser, thwarting automated scripts.
- Delayed Calculation (Optional/Default): Foils bots by timing the calculation to user interaction.
- Modern Tech: Leverages Web Cryptography API for efficient, cutting-edge security.
- Privacy-Friendly: No external services or cookies, ensuring GDPR and EU e-Privacy Directive compliance.
Download the Plugin
Frequently Asked Questions:
What is the Captcha - HashCash plugin?
The Captcha - HashCash plugin is a robust, user-friendly solution designed to protect your Joomla website from spam and abuse by implementing the HashCash proof-of-work system.
How does HashCash work?
HashCash operates on the principle of requiring computational effort to prove that an action (like submitting a form) is genuine. It adds a small delay for users, making automated spam attempts infeasible due to resource exhaustion.
Is this plugin easy to install and configure?
Absolutely! Our plugin comes with a straightforward installation process and an intuitive admin interface, allowing you to set up HashCash protection quickly and easily.
Can I customize the appearance of the Captcha?
Given its invisible nature, customizing visual elements isn't applicable. The Captcha - HashCash plugin operates discreetly in the background, focusing on functionality rather than aesthetics.
Does this plugin support multiple forms or just one?
This plugin provides comprehensive protection across all forms on your Joomla site with no configuration needed per form, streamlining security management.
How does this plugin ensure security without user interaction?
User interaction is actually the key to enabling the advanced functionality of the plugin. They're just not interacting with the captcha.
What are the system requirements for using this plugin?
The Captcha - HashCash plugin is compatible with Joomla 3.x and later, requiring PHP 7.2 or higher and basic server configurations typically found in shared hosting environments.
What does the punish feature do?
When a bot is detected (by doing something a human would never do), the bot is presented with an unsolvable hash operation. It will perform the calculation forever, or until someone stops it.