Drupal is a registered trademark of Dries Buytaert
drupal 11.3.8 Update released for Drupal core (11.3.8)! drupal 11.3.7 Update released for Drupal core (11.3.7)! drupal 11.2.11 Update released for Drupal core (11.2.11)! drupal 10.6.7 Update released for Drupal core (10.6.7)! drupal 10.5.9 Update released for Drupal core (10.5.9)! cms 2.1.1 Update released for Drupal core (2.1.1)! drupal 11.3.6 Update released for Drupal core (11.3.6)! drupal 10.6.6 Update released for Drupal core (10.6.6)! cms 2.1.0 Update released for Drupal core (2.1.0)! linkit 7.0.14 Minor update available for module linkit (7.0.14). masquerade 8.x-2.2 Minor update available for module masquerade (8.x-2.2). video_embed_field 3.1.0 Minor update available for module video_embed_field (3.1.0). bootstrap 8.x-3.40 Minor update available for theme bootstrap (8.x-3.40). menu_link_attributes 8.x-1.7 Minor update available for module menu_link_attributes (8.x-1.7). editoria11y 3.0.0 Major update available for module editoria11y (3.0.0). trash 3.0.27 Minor update available for module trash (3.0.27). twig_tweak 4.0.0-alpha2 New alpha version released for module twig_tweak (4.0.0-alpha2). twig_tweak 4.0.0-alpha1 First alpha version released for module twig_tweak (4.0.0-alpha1). node_revision_delete 2.1.1 Minor update available for module node_revision_delete (2.1.1). commerce_paypal 2.1.2 Minor update available for module commerce_paypal (2.1.2).
← All modules

nobotiq_spam_protection

1 sites Security covered
View on drupal.org

The module sends submitted text and email addresses to the NoBotIQ AI engine in real time and blocks the request if spam is detected, before it ever reaches your inbox or database.

Features

NoBotIQ Spam Protection provides AI-powered spam filtering for Drupal sites of any size:

- Contact form protection — checks submitted messages against the NoBotIQ API and blocks delivery if spam is detected
- Email verification — detects disposable, temporary, and spam-trap email addresses at registration or form submission
- Text spam detection — analyzes the title and body of any submitted content (comments, webform submissions, registrations) for spam patterns
- Hybrid check — simultaneously validates both email and text content in a single API call for maximum efficiency
- No CAPTCHA needed — protection runs invisibly in the background, keeping UX smooth for legitimate users
- Token-based billing — credits are consumed per API call based on text length; unused credits never expire
- Configurable responses — choose to silently block, show a validation error, or log spam attempts

Ideal for any Drupal site with user-generated content: community platforms, marketplaces, membership sites, HR portals, contact-heavy business sites, and SaaS products.

Post-Installation

After enabling the module, navigate to Configuration → Web services → NoBotIQ Spam Protection (/admin/config/services/spam-protection) to complete setup:

1. Register a free account at nobotiq.com — you receive 3,000 free credits on sign-up, no credit card required.
2. Copy your API credentials (Client ID, Client Secret, and your account username/password) from the API Documentation page inside your NoBotIQ account.
3. Paste the credentials into the module configuration form and save.
4. Select which forms to protect — contact forms, comment forms, user registration, or custom webforms.
5. Choose check types per form: email-only, text-only, or hybrid (email + text combined).

Once configured, the module operates silently. Spam submissions are blocked before processing; legitimate submissions pass through without any friction.

Additional Requirements

- Drupal 10 or 11
- A free or paid NoBotIQ account at nobotiq.com (includes 3,000 free credits on registration)
- PHP `curl` extension (standard on most hosting environments)
- Outbound HTTPS access to `nobotiq.com` from your server

No additional Drupal contrib modules are required.

Recommended modules/libraries

- Webform — NoBotIQ protection can be extended to custom Webform elements for full-site coverage
- Honeypot — can be used alongside NoBotIQ as a first-pass bot filter before API credits are consumed
- Flood Control — rate-limiting as a complementary layer against brute-force submissions

Similar projects

- Antispam (Mollom) — Mollom service has been discontinued; no longer actively maintained
- Akismet — focused primarily on comment spam; requires a WordPress.com account; no hybrid email+text check in a single call
- CleanTalk — subscription-based with a fixed monthly fee regardless of usage; NoBotIQ uses pay-as-you-go credits with no monthly commitment
- Honeypot — bot detection only via hidden fields; no AI-based content analysis; works well as a complement to NoBotIQ
- CAPTCHA — requires active user interaction; degrades UX and accessibility; NoBotIQ works invisibly in the background

What makes NoBotIQ different:

AI-based content analysis (not just pattern matching), hybrid email+text checks in one request, no CAPTCHA friction, pay-as-you-go pricing with no subscription, and credits that never expire.

Supporting this Module

The best way to support continued development of this module is to use and top up your NoBotIQ account. You can also place a backlink to NoBotIQ on your site to receive discounted credit pricing — see the FAQ on nobotiq.com/faq for details.

For bug reports and feature requests, please use the issue queue on this project page.

Community Documentation

- Full API reference: nobotiq.com/api-docs *(requires free registration)*
- Pricing and credits: nobotiq.com/pricing
- FAQ: nobotiq.com/faq
- Support email: [email protected]

Activity

Total releases
5
First release
Mar 2026
Latest release
4 weeks ago
Release cadence
5 days
Stability
80% stable

Release Timeline

Releases

Version Type Release date
1.0.3 Stable Mar 30, 2026
1.0.2 Stable Mar 25, 2026
1.0.1 Stable Mar 20, 2026
1.0.0 Stable Mar 18, 2026
1.0.x-dev Dev Mar 11, 2026