Honey Spam Anti-Spam for Magento 2

Honey Spam Anti-Spam Extension for Magento 2
Hyvä Compatible Themes Compat Module
Mage-OS Compatible
Composer Installation Composer Installation?

No More Spam In Your Magento 2 Store!

Say goodbye to spam with the most flexible, powerful and reliable spam protection and filter for your Magento 2 shop.

Flexible - Reliable - GDPR Compliant:

  • 100% Effective & Reliable Spam Protection
  • Standard & Custom Forms Supported
  • Detect & Block Spam With
    Several Sophisticated Techniques
  • GDPR & Privacy Compliant
  • Server-Side Spam Detection
    -> No Impact On Performance
  • No Captcha
    -> No Impact On User Experience

View All Highlights


Magento Marketplace Approved by
  • One-Time Payment
  • Lifetime Access To Source Code
  • 1 Year Free Support
  • 1 Year Free Updates

Approved & Verified by Magento Marketplace


1st Extension Provider
     With Hyvä Support
     Awesome since 2021!


Unencrypted. 100% Open Source & Customizable


Coding Standards Applied. Clean & Readable Code


Countless Satisfied Customers: Be The Next One!


Made With Love

Our extensions are made with love & passion for building new things, perfection & performance in mind.


Field Tested

Our extensions are field-proven in our own client projects.

Customer Feedback


Honey Spam Anti-Spam: Reliable Spam Detection & Protection For Your Magento 2 Store

⛔ No More Spam! ⛔
Protect All Your Forms:

Contact Form, Customer Registration, Newsletter Subscription & Product Reviews
as well as Custom / 3rd Party Forms

Flexible - Reliable - GDPR Compliant


Sooner or later every Magento store faces the problem:
Spambots flooding the store with spammy customer registrations, contact messages, newsletter subscriptions, or product reviews with obscure content and links to malicious websites. All this spam is annoying and takes time to clean up.
But it is not only an annoyance: a store hit by spambots is also at risk of ending up on spam black-/blocklists due to the mass of customer account & newsletter subscription confirmation emails that are sent out for the fake registrations and subscriptions.
As a result, transactional emails send to legit customers will be blocked by their spam filters. Not being able to reach out to customers anymore via email, a true nightmare for any store owner!
Getting spambots under control is not the easiest task. Unfortunately, common measures such as "form keys" or "captchas" are either not effective enough to block spambots or a huge annoyance and user-unfriendly burden for the real customers. Or, e. g. in the case of Google ReCaptcha, even a GDPR compliance risk because customer personal identifiable data (PII) is shared with the captcha service provider
and a performance issue due to additional scripts being loaded. Annoying customers, breaching their privacy, risking high fines for non-compliance with privacy laws? For sure any merchant will want to avoid these issues!
But how to fight the battle against spambots in a better way, avoiding the problems and risks that come with the default solutions?
Here comes the good news: We got you covered: Flexible, reliable, and GDPR compliant spam protection for Magento 2 is possible.
Read on to learn more about:
Honey Spam Anti-Spam and how it will protect your Magento 2 store from spam.


JaJuMa Honey Spam Anti-Spam protects your Magento 2 store against spambots.
The most flexible, powerful, and reliable spam protection and filter you can get for your Magento store:
For detecting spam effectively while avoiding false positives the extension comes equipped with several filter mechanisms, each flexibly configurable, even for each form separately, and aiming specifically at identifying spam based on typical characteristics of spambots:

  • Spam detection based on hidden form field
  • Time based spam detection
  • Flexible score based spam detection
    based on unlimited individual scoring rules

With JaJuMa Honey Spam Anti-Spam you have full control over the rules and logic used for identifying and blocking spam and over your data. All the filtering is processed locally on your server, no data is shared with 3rd party service providers.
By using this module, you don't have to worry about spam anymore AND avoid the risk of being incompliant with privacy laws such as GDPR.

Last but not least, optionally a form submit that was detected as spam, can be logged for you to review from time to time as needed, even conveniently from your backend. By this, you have transparent insight into the spam activity on your site as well as into the filtering applied and how well it works. False positives, if ever any, won't go unnoticed, giving the chance to understand how your spam filters might need to be adjusted or fine-tuned for maximum efficiency.


Honey Spam Anti-Spam by JaJuMa-Develop
The most flexible, powerful, and reliable spam protection and filter
for your Magento 2 store

Filter & Block Spam - Flexible & Reliable - Privacy & GDPR


100% Effective & Reliable
Spam Protection

For Magento 2 Stores


Detect & Block Spam
Based On

Multiple Sophisticated Techniques


Form Field

As Honeypot for Spambots



As Trap for Bots vs. Human


Scoring Rules
Separate For Each Form

For Highly Accurate Spam Detection


Super Flexible
Pattern Matching

For Highly Targeted Spam Detection


GDPR & Privacy
Law Compliant

No (PII) Data Shared with 3rd Parties


Fully Transparent
Spam Handling

By Logging or Saving Spam


100% Local

No Dependency From 3rd Party


Protects 4
Default Magento Forms

And Custom Forms


Spam Detection &
Handling Configurable

for Each Form Separately


Customer Registration

Spam Protection



Spam Protection


Subscription Form

Spam Protection


Product Review

Spam Protection



No Scripts/Styles/Fonts Loaded

Hyvä Theme Compatible
See Hyvä Demo
Mage-OS Compatible
See Mage-OS Demo


Honey Spam Anti-Spam Extension for Magento 2 by JaJuMa In Detail. Stay Compliant with GDPR & Privacy Laws and Independent from 3rd Party Services.

Say Good-Bye to Spam in your Magento 2 store now.

JaJuMa Honey Spam Anti-Spam Extension

Looking for the perfect solution for detecting and blocking spam in your Magento 2 store?

Then JaJuMa Honey Spam Anti-Spam is the right extension for you! Sophisticated spam detection utilizing multiple techniques enables you to catch even the most advanced spambots reliably. Flexible, form individual configurations allow highly precise and targeted spam detection and protection with the lowest risk of false positives. For each, Customer Registration Form, Contact Form, Newsletter Subscription Form and Product Review Form as well as custom forms.

The extension provides full and transparent insights on how the spam filtering works, through optional logging and/or saving any form submit that was detected spam, allowing you to check your configurations and monitor for false positives (if there are any at all).

With our solution, all your data remains under your control. No dependencies from and no data shared with 3rd Parties.
No worries about GDPR and other privacy laws or high fines because of breaching them.

Why waiting? Say goodbye to spam in your Magento 2 store today, without user-unfriendly captchas or creating other new problems.
Simply detecting & blocking spam, reliably and headache-free.

Honey Spam Anti-Spam For Magento 2

Why Should I Use Honey Spam Anti-Spam Module?

Spam is not only annoying but also a risk for your reputation.
No question: Every Magento merchant needs to get protective measures against spam in place.
Either when it happens or even better, pro-actively before it is too late and spambots are already doing their harm. Learn below why Honey Spam Anti-Spam is the most complete solution for you to be perfectly prepared for any spam attack coming at your store and what distinguishes this module from others.


The Hidden Form Field:

The idea behind the hidden form field is actually simple: An additional form field that is invisible for your normal customers, so they will never input any value for this field. But bots will see this field and in many cases input some value to submit the form with "complete" data. So if a form submission is received where the hidden field is not empty, it is a clear indication it was not submitted by a real customer and can be safely classified as spam.

Why bother your customers or breach their privacy with annoying captchas to prove they are humans? Isn`t it smarter to place a honeypot as a trap for bots and let bots prove they are bots? :-) While this honeypot is working well in many cases, unfortunately, bots are getting smarter and manage to get around this trap. Other solutions trying to detect spam only based on this or similar techniques are not enough anymore. That's why we take spam detection to another level with our extension and added further detection techniques to make sure we can also catch the smarter bots:


Form Submit Time Check:

Any normal "human" customer will always need a certain time to fill out a form before submitting, for typing his name, email, compose the contact message, or write the review...
Bots on the other side do not have this limitation, automating the whole spam submission via scripts, submitting a form is only a matter of milliseconds.

So here we have another clear criterion for distinguishing between good and bad, spam and legit customers. Simply configure the time threshold and any form submitted too fast (within a time below the configured threshold) will be treated as spam.
But unfortunately more sophisticated spambots are prepared for this as well and delay their form submissions to avoid being detected as spam.

With hidden form fields and submit time check we have two simple but quite effective spam detection techniques combined in one extension that will identify many spambots already.
But that is not enough, you want complete protection, even catching the most advanced spam bots, right? :-) Thats what we thought, so we take it to a whole new level, with even more highly flexible, powerful and targeted spam detection based on a spam scoring:


Spam Scoring Rules:

With Spam Scoring Rules, we equip you with the most advanced and powerful spam detection and flexibility found with no other solution. While other solutions rely on one single method for detecting spam with JaJuMa Honey Spam Anti Spam you get the "Swiss Army Knife" for fighting spam with literally unlimited options to identify spam and get even the most persistent and most advanced spambots under control.

Our extension allows you to set up unlimited spam scoring rules. With each rule, you can match submitted form data against any pattern. With each matching rule, the spam score will be increased by the configured value.

Your store is flooded with spam from a certain IP Address or IP Range?
No problem, set up a spam score rule with a value higher than your max spam score and any form submit from these IP Addresses will be blocked right away.

Don't want to get contact messages from someone using no or a suspicious User-Agent, using a character-set you don't even understand like Cyrillic or Chinese?
No problem just set up a spam scoring rule that matches against User-Agent or checks for certain characters. Seeing spam that does not match one specific pattern? No problem, set up several rules that only reach the max spam score level when each of them match together at the same time.

With JaJuMa Honey Spam Anti-Spam and its unique combination of different means of spam detection you are prepared for any spam coming to your store, the possibility and options are endless. But spam in your store will have an end with this extension.

Scope & Features

Honey Spam Anti-Spam can be enabled & configured separately for following forms as needed:

  • Customer Registration Form
  • Newsletter Registration Form
  • Contact Form
  • Product Review Form
    as well as:
  • Custom Forms

For each of these forms, spam detection & actions can be configured separately:

Action On Spam Detect

If a form submission is detected as spam by the extension, you can choose the action to be taken:

  • Show message or
  • Redirect to error page

Depending on your selection you can then configure either:

  • Message shown if form submit was detected as spam
  • URL key to error page customer is redirected to if form submit was detected as spam.

Spam Detection

Following methods for detecting if a form submit is spam are provided by the extension and can be enabled/configured as needed:

  • Hidden Form Field:
    Real customers can not see and input a value for this field.
    So if a form is submitted with a value for this form field, it is detected as spam.
  • Form Submit Time Check:
    If a form is submitted faster than a configurable threshold (= faster than a real customer can fill a form), it is detected as spam.
  • Scoring Rules:
    Unlimited scoring rules can be configured. Each scoring rule matches the form data against a configurable pattern. For each matching rule, the spam score is increased by a configurable value. If spam score for a form submit is higher than configured max score level, it is detected as spam.

Logging and Saving Spam

If a form submit is classified as spam by one of the detection methods, the submitted data can be either

  • Logged to a log file and/or
  • Saved to DB

This is useful for debugging as well as for monitoring how the extension works.
For example spam saved to DB can be reviewed conveniently from backend to make sure the spam detection rules are working correctly and not producing too many false positives.

Write Your Review

Your Rating:

You submitted your review for moderation.

Frequently Asked Questions

General Magento Extension Questions
How to install Magento 2 extensions from JaJuMa?

We offer different ways of Magento 2 extension installation:

Before Installing

  • We recommend you to duplicate your live store on a staging/test site and try installation on your staging/test site before deploying to your live store
  • Backup Magento files and the store database

Please Note:
It’s very important to backup all themes and extensions in Magento before installation, especially when you are working on a live server. We strongly recommend you to do not skip this step.

Manual Extension Installation via FTP/SSH:

After purchasing an extension, you can download the module as .zip package in your Customer Account.
After downloading the .zip package, please follow these steps for installation:

  1. Log into your hosting space via a FTP client (e. g. FileZilla, WinSCP, cuteFtp)
  2. Create Folder: /app/code/Jajuma/[ExtensionName]*
  3. Unzip extension package and upload files into: /app/code/Jajuma/[ExtensionName]*
  4. Enter and run the following commands at the command line:
    php bin/magento setup:upgrade
    php bin/magento setup:static-content:deploy

* Note: [ExtensionName] can be found in registration.php file: Jajuma_[ExtensionName]


Extension Installation via Composer / Magento Marketplace:

For installation via composer, please get the extension

  • from Github and install as any other extension from Github or
  • from Magento Marketplace and follow this Installation Guide and
    make sure to use the correct key for Marketplace repo (the key that belongs to the account that purchased the module).
    In case of issue with installing via composer, please double-check to use the correct key for Marketplace repo.
    Your key should be in your auth.json file.

Links for composer installation to Github/Marketplace can be found on top of this page in technical info section - Click Here

Error Could not find a matching version of package jajuma/[module-name]. Check the package spelling, your version constraint and that the package

With this error message, most likely the key used for the Marketplace repo is wrong/invalid, i. e. not the key that belongs to the account that purchased the module. Please double-check to use the correct key for the Marketplace repo.

For installing extensions from Magento Marketplace, please follow this guide and make sure to use the correct key for the Marketplace repo:
Installation Guide

Please feel free to get in touch with our support in case you have any further questions or concerns or check with Marketplace support in case the installation issue can not be resolved.

Do you offer free technical support?

After purchasing a (non-free) extension we provide 12 month support via support ticket for free.

Do you offer customization service for your extensions?

Yes, please get in touch with our customer support so we can clarify your requirement and provide a quote.

Where can I download my extension?

You can download your extension from your customer account as soon as the payment has been processed.

Do you offer a free trial period?

Unfortunately, we can not offer a free trial period.

However, we do have demo site for all our extensions. Feel free to test all the features and see how the extensions work.

In case of any questions or concerns regarding compatibility or how some extension works our customer support is also always happy to help.

Do you offer refunds?

All our extensions are non-tangible downloadable goods. Hence we can unfortunately not issue refunds.

Refunds will NEVER be issued for services provided such as installation support, customization and software development work.


Version: 1.0.0

  • Initial Release

Version: 1.0.1

  • Fixed: Issue with GraphQL (for Hyvä Theme)

Version: 1.0.2

  • Update Spam Log Format

Version: 1.0.3

  • Update Spam Log Format

Version: 2.0.0

  • Added: Support for Custom Forms
  • Updated: Compatibility with M2.4.4 + PHP 8.1
  • Note: This is a major rework for support custom forms.
    ### Please make sure to migrate + reconfigure existing
    configurations and test before deploying to Live sites. ###

Version: 2.0.1

  • Fixed: Issue with custom form

Version: 2.0.2

  • Improvement: Exclude password, referer & uenc params from spam scoring & logging

Version: 2.0.3

  • Updated: M2.4.6 Compatibility & Coding Standard Updates

Version: 2.0.4

  • Improvement: Spam detected message translatable

More Extensions

Maybe also interesting for you?
More valuable Extensions and Add-Ons for your Magento Store

Our Customers Are Excited!

How do you like this extension?