K2 is probably the most popular Joomla component today. It enables Joomla with two very important features that per our opinion should be incorporated in the core Joomla. Beside the many other features, those two most important features are content tagging and commants of articles. The comment form in your article pages is one of the most often used for spamming. There’s no better way for a spammer to get a link from your site than to leave a pointless comment on your article.
Fighting against the spam in the comments is one of the dullest thing that you do while maintaining your website. You must check all the comments daily and separate the valuable ones from the spam. But, what could happen if somebody try to write 250.000 spam comments on your site in one single day which happened to us recently? Your site would probably go down! Your web hosting provider would block your site asking you to inspect and resolve the issue.
Solution:
Go to Administrator ->Global Configuration->K2->Comments
then
disabled all comments settings.
then
disabled all comments settings.
After installation of the K2 component, go to K2 parameters (click Parameters icon in the top-right corner). Then go to Comments tab, and you’ll see what we illustrated in the picture 1. So, your comments are completely open for bombarding of your site with the unwanted content.
Therefore, the first thing that you should change in parameters immediatelly after setup of K2 component, is the way how it handles new comments and who is allowed to comment. I suggest allowing comments for theregistered users only. Also, you should set in your global Joomla configuration that verification of email for new accounts is mandatory. This will require more work from the potential spammers in order to write comments on your site. Also, you should disable the comments auto-publishing. This means that every comment must be manually confirmed before it’s published. When spammer or spam bots see their comments are not published, they will probably leave your site alone. In addition, you should consider enabling reCaptcha, but in this case you must register on reCaptcha’s site and enter your account details in the Advanced tab of the K2 parameters. Please take a look at the image 2.