Saving your Drupal site from Spam – Review of different spam modules

As our website grows, so does grows the spam attack on it. There are several well-known methods to prevent the spams. Here I have reviewed 4 of the most commonly used drupal modules to protect spam:

  1. Captcha
  2. Hidden Captcha
  3. Spamicide
  4. Mollom

Captcha is the oldest and most widely used spam filter. It presents with audio/visual challenge to the user which they must solve inorder to prove that they are human. But the smartest bots are smart enough to solve these challenges as well. However, we can prevent bots by increasing the difficulty or amount of distortion in the captcha.


I have seen sites presenting with most difficult captchas which I am never able to get through in first few attempts, I end up believing that I am a bot! Difficult captchas do prevent spams but this of course comes at the cost of punishing our faithful users with difficult challenges which may refrain participation.

Hidden Captcha is a user friendly solution and this is the thing I like about it – it does not require my users to prove that they are human and while they are being screened they don’t even get to know that their post is being tested. It doesn’t test whether the poster is a human rather it tests whether the poster is a bot and  then restricts posting by bots. This module creates hidden fields which are not visible to human posters but bots tend to fill in each and every field. The moment bots fill in fields not visible to human posters, hidden captcha classifies it as spam and doesn’t allow it to be posted.


One reason why I wont be using Hidden Captcha is that with little experience the bots learn to skip the fields meant to catch them. To outsmart the bots I’ll have to regularly and smartly keep changing the questions so that I can fool the bots every time. This filter is of course easy and user friendly but the time factor involved in keeping the filter robust is something we all are not ready to compromise in our busy schedule, we want something that is that is robust and easy for us as well as our users.

Spamicide is very much similar to hidden captcha. This module also creates hidden fields not visible to human posters. Both hidden captcha and spamicide are well maintained and popular, but hidden captcha depends on the CAPTCHA module while spamicide is standalone. CAPTCHA can count the number of times it misses whereas Spamicide doesn’t count. Spamicide auto-injects itself in all forms which is kind of a waste for all the Admin forms.

I will always prefer spamicide over the first 2 modules discussed here because it is easy to use, easy to set-up and it filters out most of the spam.

Mollom is like a human moderator on autopilot and it is often referred to as “intelligent” web service. The way mollom function is, by splitting the content into 2 categories: ham or spam. Ham is the desirable content posted by us “the human being” whereas spam is the undesirable content posted by the bots that needs to be filtered out. All the incoming content undergoes mollom screening and gets published on the website only if it falls under the “ham” category. Mollom keeps updating its deciding factors by analyzing the history of activities within its network. It also considers the content of the post and poster’s reputation while determining whether to post the content or not. Whenever Mollom is unsure, it performs second level check – by presenting to the poster an audio or visual CAPTCHA challenge that they must complete in-order to post the content.


I have found it as one of the most robust filter for spam which keeps getting intelligent. Atleast one filter that gets intelligent as the bots are getting intelligent.


  Captcha Hidden Captcha Spamicide Mollom
Method of Spam Detection Challenge response test Hidden input field Hidden input field Filters out spam based on intelligent content moderation
User friendly spam filtration process No Yes Yes Somewhat
User interaction Required Not Required Not Required Seldom required
Dependency on other module None Depends on Captcha module None None
Pros Easy to setup and blocks nearly all spam. It comes with a few different styles and is quite configurable Identifies bot activity when hidden fields are filled. No interference with user experience. Does not interfere with the user experience in anyway. Believed to block 99.93% of spam and offers two SPAM prevention techniques. The traditional CAPTCHA test, and an invisible word filter.
Cons Not user friendly. Advanced spam bots can understand the captcha and get through. It takes up space on the page and adds visual clutter. It doesn’t block as much spam and you need to change the question every so often once spammers start to catch on. About once or twice a month. Spamicide auto-injects itself in all forms which is kind of a waste for all the Admin forms. The filter can sometimes flag legitimate entries as spam. Users still have to read and type in the captcha.


Of the 4 modules, Mollom is the most effective spam filter and it is growing on its intelligence to use it for spam monitoring.  However, this is also not a 100% cure for spams. But using Mollom with Spamicide is an effective shield for your Drupal website against spams which in most cases filter out 99.99% of the spams.


Disha's picture

About the Author


Disha is a freelance blogger and digital marketer. She creates content
about online marketing, SEO, CMSs and m-Commerce. She has just
enrolled in Hubspot's Inbound Marketing Program and is pretty kicked
about it.