SSL Labs ScoreHSTS Preloaded

Log in to participate

There is no cost to join RicheyWeb, and membership is a requirement to submit bug reports and participate in the support forums.

× Extension Discussions


5 years 2 months ago #73 by michael
HashCash was created by michael
HashCash 1.0
Finally, a captcha you can't read...wait...that's not what I meant......

HashCash 1.6.6


Finally, a captcha you can't read...wait...that's not what I meant... This is the captcha you don't even need to see.

Everyone knows the annoyance caused by captchas that are unreadable. HashCash is a different kind of validation. Unlike other captcha solutions, HashCash doesn't rely on 3rd party services or resources - and it doesn't require anything from your users other than a JavaScript enabled browser. No mangled words to decipher, no math problems to solve, no photos to match - nothing but arrival on a form page.

Originally proposed by Adam Beck in 1997, HashCash requires a form to include the solution to a complex calculation. The calculation is so complex (it takes hundreds or even thousands of attempts to solve it) that any human or bot attempting to abuse your forms will spend so much processor time solving the calculation that it wouldn't be profitable to continue attacking your forms! The server receives the result and can easily and quickly test it in 1 calculation - either it's right and your user continues or it's wrong and the form submission fails.

The best part is, HashCash is invisible (you can't read it - or even see it) and it happens in the background without user interaction! Your users arrive at the form and the HashCash calculation is automatically executed. Any bot attempting to submit your form without completing the calculation is rejected, and the calculation changes every time the form is submitted.


  1. Download HashCash from the RicheyWeb download page.
    • This page will remain unlinked, as the link may change in the future. Visit and use the search feature - search for "HashCash".
  2. In Joomla /administrator, go to the "Extensions" menu, the "Manage" sub-menu, and the "Install" sub-menu.
  3. Select the "Upload Package File" tab
  4. Press the "Choose File" button to browse your system and locate the plugin file you downloaded
  5. Press the "Upload & Install" button

At this point, the extension is installed but not enabled. You can find the plugin by going to the Extensions menu and selecting "Plugins". When in the plugin manager, search for "HashCash".


Configuration is simple. Open the plugin and choose the difficulty level. The predefined minimum (1) and maximum (4) levels prevent calculations that are too simple or too difficult to complete in an acceptable amount of time.


Please report bugs

Please Log in or Create an account to join the conversation.

1 year 2 months ago #4246 by Agabby
Replied by Agabby on topic HashCash
Hello.. so I'm confused .. is this supposed to just work automatically with the forms I use on my site? Do I have to add code to any of the forms? For example what about with my coming soon page that offers a login option? Thanks

Please Log in or Create an account to join the conversation.

1 year 2 months ago #4250 by michael
Replied by michael on topic HashCash
Yes and no... Once installed, configured, and enabled - you still must go into Global Configuration and select HashCash as your default Captcha.

THEN, anytime someone attempts to register on your site, HashCash will protect the form. Not only that form, any form that implements Captcha within Joomla.

Login forms don't implement captcha, so not on your coming soon page. It's generally used on registration, password reset, and that sort of thing.

It's a pretty simple system.

Please Log in or Create an account to join the conversation.

  • Not Allowed: to create new topic.
  • Not Allowed: to reply.
  • Not Allowed: to edit your message.
Powered by Kunena Forum