Spam prevention

Spam prevention for your Flarum community.

Compatible with Flarum v1.8.5

Latest release 1.5.0


released on Aug 29, 2022

Spam prevention is an extension based on our spam fighting experience on the official Flarum community Discuss. After installation it does a great job at preventing any form of unwanted spam. Give it a spin if spam is an annoyance on your community!


  • flarum/approval - this is required
  • flarum/flags - this is recommended
  • fof/spamblock - optional, when enabled immediately deletes users that open discussions with spam subjects


composer require blomstra/spam-prevention

Now enable this extension from your admin area and it will already do its job. No further configuration needed.

That's it. Read below what this package does and how to customize its behavior.

Spam prevent logic

How does it try to identify spam?

  • it scans for phone numbers
  • it scans for email addresses
  • it scans for links that aren't in the allow list
  • it identifies the language used against the language packs installed
  • it ignores elevated users (mods and admins)

Where does it scan for spam?

  • it scans (first) posts
  • it scans user bio's

How does it take action?

  • it flags posts with flarum/flags enabled
  • it marks posts as not approved with flarum/approval enabled
  • it overwrites user bio's if it identifies spam
  • it marks users as spammer if a discussion subject contains spam with fof/spamblock



 * This file is part of Flarum.
 * For detailed copyright and license information, please view the
 * LICENSE file that was distributed with this source code.

use Flarum\Extend;
use Blomstra\Spam;
use Laminas\Diactoros\Uri;
use Flarum\User\User;

return [
    (new Spam\Filter)
        // use domain name
        // or just a full domain with protocol, only the host name is used
        // even a link works, only the domain will be used
        // Alternatively, use an array of domains
        // Use custom (expert) logic.
        // Return true to ignore further checking this link for validity.
        ->allowLink(function (Uri $uri, User $actor = null) {
            if ($uri->getHost() === '') return true;
        // How long after sign up all posts are scrutinized for bad content
        // How many of the first posts of a user to scrutinize for bad content
        // Specify the user Id of the moderator raising flags for some actions, otherwise the first admin is used
        // Disable specific spam prevention components


Why is there no admin settings page?

Building a ux for an extension takes a lot of time, especially when the code isn't mature enough. Changes to the inner workings might affect a settings page countless times. We will build a settings page once we're satisfied about the features contained in this tool.

  • Blomstra provides managed Flarum hosting and development.

© 2024 Hyn by DaniĆ«l "Luceos" Klabbers. All rights reserved. · Extensions and extension information is provided by the respective (copyright holding) authors. · Extiverse is not affiliated to the Flarum project or Flarum foundation. · Images on Extiverse pages are from Unsplash.