In Joomla, there is a standard component Contacts (com_contact) for contact forms. By default, these contact forms let the sender receive a copy of the form contents.
Combined with a freely entered e-mail address, anyone can use the contact form for spamming anyone.
If you use contact forms in Joomla for your website, you must disable this function. Additionally, we recommend that you activate CAPTCHA in Joomla by following the instructions here.
Please follow the instructions below to ensure that your contact forms cannot be used for spamming.
Login to Joomla admin
In the top menu, select System → Global Configuration
In the left menu, select Contacts, and then the Form tab.
Set the option Send Copy to Submitter to Hide
Click on Save to save the changes
Additionally, you must check that each contact form you have already created does not have a separate setting for this option:
In the top menu, select Components → Contacts → Contacts
Click on the contact form
Click on the Form tab and ensure that the option Send Copy to Submitter is set to Use Global (Hide) or Hide
Click on Save
If you have additional contact forms, you must repeat points 2-4 above for each form.
support
+47 2294 3333 (open)
