This page last changed on Dec 17, 2007 by smaddox.

Captcha Configuration 

If your Confluence site is open to the public you may find that automated spam is being added, in the form of comments or new pages.

You can configure Confluence to deter automated spam by asking users to prove that they are human before they are allowed to:

  • Sign up for an account
  • Add a comment
  • Create a page
  • Edit a page

Captcha is the technical term for a test that can distinguish a human being from an automated agent such as a web spider or robot. When Captcha is enabled, users are required to read some text from an image (see the example on the right) and type the text into the form.

When Captcha is on, users will need to recognise a distorted picture of a word, and must type the word into a text field. This is easy for humans to do, but very difficult for computers.

You can choose which users don't have to complete Captchas. You can exempt signed-in users (they will have completed a Captcha when they signed up), or members of particular groups.

By default Captchas will not be shown to registered users. Only anonymous users will have to perform the Captcha test when creating comments or editing pages.

If you don't trust all registered users, you can choose to disable Captchas for only a certain group/groups of users.

You can also customise the Captcha image (see Advanced Configuration below).

You need to be a Confluence administrator to enable Captcha.

To enable Captcha for Confluence,

  1. Click the 'Administration' link in the top right corner of any Confluence screen.
  2. Choose Spam Configuration' from the 'Configuration' menu on the left.
  3. Turn on Captcha by clicking the 'ON' link.
  4. If you want to disable Captcha for certain groups:
    • Select 'No one' if you want everyone to see Captchas.
    • Select 'Signed in users' if you want only anonymous users to see Captchas.
    • If you want everyone to see Captchas except members of specific groups, select the 'Members of the following groups' and enter the group names in the text box.
      You can click the magnifying-glass icon to search for groups. Search for all or part of a group name and click the 'Select Groups' button to add a single or multiple groups to the list.
    • To remove a group from the list, delete the group name.
  5. Click the 'Save' button.

Advanced Configuration

You can also control which type of image is presented to your users. This requires editing the applicationContext.xml file which you can find in the confluence/WEB-INF/classes directory under your Confluence installation.

The section of this file which configures Captchas looks like this:

<!-- Image capture service -->
<!-- this is a very easy captcha generator. If you want difficult captures, uncomment the DefaultGimpyEngine below,
       or use an engine class from http://jcaptcha.sourceforge.net -->
<bean id="captchaEngine" class="com.atlassian.confluence.security.ConfluenceCaptchaEngine" autowire="byName"/>
<!--bean id="captchaEngine" class="com.octo.captcha.engine.image.gimpy.DefaultGimpyEngine" autowire="byName"-->
<bean id="captchaManager" class="com.atlassian.confluence.security.DefaultCaptchaManager" autowire="byName"/>

You can replace the 'captchaEngine' class with any text-based engine from jcaptcha.


captcha.png (image/png)
Document generated by Confluence on Dec 20, 2007 18:52