English
French
German
Italian
Polish
Portuguese
SpanishTo help you understand what is happening on your site, the Spam Protection module can record details about every form submission. This is disabled by default to save database space, but we recommend enabling it temporarily if you are troubleshooting or monitoring security.
1. Enabling Logs
Go to the module configuration page.
- Scroll down to the Advanced Settings section at the bottom.
- Set the Logs switch to Enabled.
- Click Save.
2. Viewing the Logs
The module writes its entries to the standard PrestaShop log system.
- In your Back Office menu, go to Advanced Parameters > Logs.
- Look for entries where the Message starts with
Spam Protection:.
Tip: Failed attempts (blocks) are logged as Error (Severity 3), making them easy to spot in red. Successful verifications are logged as Informative (Severity 1) and appear in green.
3. Understanding Error Codes
When you open a log entry, you will see a JSON message explaining why the visitor was allowed or blocked. Here are the common error codes you might see:
| Error Code | Meaning | Solution / Explanation |
|---|---|---|
low-score |
Google Only: The user's score was below your Security Level threshold. | Google thinks this visitor is a bot. If real humans are getting this, lower your Security Level setting. |
invalid-input-response |
ALTCHA Only: The math puzzle solution was incorrect. | This usually means a bot tried to bypass the security. If humans see this, your Complexity might be too high for their device. |
missing-secret-key |
ALTCHA Only: No Secret Key found. | You forgot to click the Generate button in the module settings for ALTCHA. |
missing-captcha |
The form was submitted without any verification data. | This often means a Javascript conflict on your site or the user is using a browser that blocks scripts. |
connection-failed |
Google/hCaptcha Only: Your server could not reach the provider. | Your server has a connection issue. Check with your hosting provider if outgoing connections to Google or hCaptcha are blocked. |
ip-blacklisted |
The visitor's IP address is on your manual blacklist. | The request was blocked because the IP matches a pattern in your Blacklist IPs field. |
email-blacklisted |
The visitor's email address is on your manual blacklist. | The request was blocked because the email matches a pattern in your Blacklist Emails field. |
disposable-email-detected |
A temporary/fake email address was used. | The user tried to use a "10-minute mail" service. This is normal if Check for Disposable Emails is enabled. |