@arnaudw38/nodebb-plugin-spam-be-gone 1.0.0

package/LICENSE

@@ -0,0 +1,20 @@
+The MIT License (MIT)
+
+Copyright (c) 2014 Aziz Khoury
+
+Permission is hereby granted, free of charge, to any person obtaining a copy of
+this software and associated documentation files (the "Software"), to deal in
+the Software without restriction, including without limitation the rights to
+use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
+the Software, and to permit persons to whom the Software is furnished to do so,
+subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
+FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
+COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
+IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

package/README.md

@@ -0,0 +1,136 @@
+# nodebb-plugin-spam-be-gone
+
+Anti-spam plugin for **NodeBB 4.x** with **Cloudflare Turnstile** (Turnstile-only fork).
+
+> This fork removes all **reCAPTCHA** and **hCaptcha** support and uses **Cloudflare Turnstile only** for human verification.
+
+## Highlights
+
+- ✅ **NodeBB 4.x compatible**
+- ✅ **Cloudflare Turnstile only** (no reCAPTCHA / no hCaptcha)
+- ✅ Turnstile challenge on **registration**
+- ✅ Optional Turnstile challenge on **login**
+- ✅ **Akismet** checks for posts/topics
+- ✅ **StopForumSpam** reporting + queue tooling
+- ✅ **Project Honeypot (http:BL)** checks during registration
+
+## Compatibility
+
+| Component | Version |
+|---|---|
+| NodeBB | `^4.0.0` |
+| nbbpm compatibility | `^4.0.0` |
+
+## Installation (npm)
+
+From your NodeBB root directory:
+
+```bash
+npm install nodebb-plugin-spam-be-gone
+./nodebb build
+./nodebb restart
+```
+
+Then enable the plugin in:
+
+**Admin → Extend → Plugins** (or your NodeBB plugin management page)
+
+## Configuration
+
+Open:
+
+**Admin → Plugins → Spam Be Gone**
+
+### Cloudflare Turnstile setup
+
+1. Create a **Turnstile widget** in your Cloudflare dashboard.
+2. Copy your **Site Key** and **Secret Key**.
+3. In the plugin settings, enable Turnstile and paste both keys.
+4. Save settings.
+5. Rebuild & restart NodeBB if needed.
+
+### Turnstile options supported (plugin settings)
+
+- `turnstileEnabled`
+- `turnstileSiteKey`
+- `turnstileSecretKey`
+- `loginTurnstileEnabled`
+- `turnstileTheme`
+- `turnstileSize`
+- `turnstileAppearance`
+
+## What changed in this fork
+
+### Removed
+
+- ❌ Google **reCAPTCHA** integration
+- ❌ **hCaptcha** integration
+- ❌ Legacy captcha UI/assets/styles related to those providers
+
+### Added / refactored
+
+- ✅ **Cloudflare Turnstile** verification (server-side + client-side)
+- ✅ Cleaner settings handling / flag parsing
+- ✅ More robust client injection (idempotent script/widget rendering)
+- ✅ Cleanup for modern NodeBB 4.x plugin usage
+
+## Migration notes (from reCAPTCHA / hCaptcha)
+
+If you were previously using reCAPTCHA or hCaptcha in this plugin:
+
+1. Remove old keys from the plugin settings (if still present in your DB/config).
+2. Create new Cloudflare Turnstile keys.
+3. Configure Turnstile settings in the plugin admin page.
+4. Test registration and (optionally) login challenge flows.
+
+> Old captcha providers are no longer used by this fork.
+
+
+## npm publishing checklist (fork maintainers)
+
+Before publishing your fork, update these fields in `package.json`:
+
+- `name` (your npm package name / scope)
+- `version`
+- `repository`
+- `bugs`
+- `homepage`
+
+The current values are placeholders (`your-scope` / `your-org`) and should be replaced with your actual npm scope and GitHub repository.
+
+## Troubleshooting
+
+### Turnstile widget does not appear
+
+- Check that `turnstileEnabled` is enabled.
+- Confirm your **Site Key** is valid.
+- Ensure your forum domain matches the domain configured in Cloudflare Turnstile.
+- Rebuild NodeBB assets (`./nodebb build`) and restart.
+
+### Verification fails on submit
+
+- Confirm your **Secret Key** is correct.
+- Check server connectivity to Cloudflare Turnstile verification endpoint.
+- Inspect NodeBB logs for plugin validation errors.
+
+### Login challenge not showing
+
+- Confirm `loginTurnstileEnabled` is enabled.
+- Verify your active theme/login template is using the plugin hook output correctly.
+
+## Development notes
+
+This package is intentionally kept minimal for easier deployment:
+
+- No ESLint/tooling requirements for runtime
+- No `package-lock.json` included in this fork package
+- Turnstile-only code path
+
+## License
+
+MIT
+
+## Credits
+
+- Original plugin authors/maintainers of `nodebb-plugin-spam-be-gone`
+- Refactor/fork updates for NodeBB 4.x + Cloudflare Turnstile

package/lib/akismet.js

@@ -0,0 +1,75 @@
+'use strict';
+
+const NodeBBVersion = require(require.main.require('./src/constants').paths.currentPackage).version;
+const SpamBeGoneVersion = require('../package.json').version;
+
+const Akismet = module.exports;
+
+Akismet.verified = false;
+Akismet.api_key = '';
+Akismet.blog = '';
+
+async function callAkismet(uri, data) {
+	const headers = {
+		'Content-Type': 'application/x-www-form-urlencoded',
+		'User-Agent': `NodeBB/${NodeBBVersion} | nodebb-plugin-spam-be-gone/${SpamBeGoneVersion}`,
+	};
+	data.api_key = data.api_key || Akismet.api_key;
+	data.blog = data.blog || Akismet.blog;
+
+	const response = await fetch(uri, {
+		method: 'POST',
+		headers,
+		body: new URLSearchParams(data).toString(),
+	});
+
+	const responseBody = await response.text();
+	return responseBody;
+}
+
+Akismet.verifyKey = async (key, blog) => {
+	Akismet.api_key = key;
+	Akismet.blog = blog;
+
+	try {
+		const responseBody = await callAkismet(
+			'https://rest.akismet.com/1.1/verify-key',
+			{ api_key: key, blog }
+		);
+
+		Akismet.verified = responseBody === 'valid';
+
+		return Akismet.verified;
+	} catch (error) {
+		console.error('Error verifying Akismet API key:', error);
+		return false;
+	}
+};
+
+Akismet.checkSpam = async (data) => {
+	try {
+		const responseBody = await callAkismet('https://rest.akismet.com/1.1/comment-check', data);
+		const isSpam = responseBody === 'true';
+		return isSpam;
+	} catch (error) {
+		console.error('Error checking spam:', error);
+		throw error;
+	}
+};
+
+Akismet.submitSpam = async (data) => {
+	try {
+		await callAkismet('https://rest.akismet.com/1.1/submit-spam', data);
+	} catch (error) {
+		console.error('Error submittin spam:', error);
+	}
+};
+
+Akismet.submitHam = async (data) => {
+	try {
+		await callAkismet('https://rest.akismet.com/1.1/submit-ham', data);
+	} catch (error) {
+		console.error('Error submittin ham:', error);
+	}
+};
+

package/library.js

@@ -0,0 +1,404 @@
+'use strict';
+
+const util = require('util');
+const https = require('https');
+const querystring = require('querystring');
+const Honeypot = require('project-honeypot');
+const stopforumspam = require('stopforumspam');
+
+const winston = require.main.require('winston');
+const nconf = require.main.require('nconf');
+const Meta = require.main.require('./src/meta');
+const User = require.main.require('./src/user');
+const Topics = require.main.require('./src/topics');
+const db = require.main.require('./src/database');
+
+const pluginData = require('./plugin.json');
+const akismet = require('./lib/akismet');
+
+let honeypot;
+let pluginSettings = {};
+
+const Plugin = module.exports;
+pluginData.nbbId = pluginData.id.replace(/nodebb-plugin-/, '');
+Plugin.nbbId = pluginData.nbbId;
+Plugin.middleware = {};
+
+function isOn(value) {
+	return value === 'on' || value === true;
+}
+
+async function getSettings() {
+	return Meta.settings.get(pluginData.nbbId);
+}
+
+function getTurnstileConfigFromSettings(settings) {
+	if (!isOn(settings.turnstileEnabled)) {
+		return null;
+	}
+	if (!settings.turnstileSiteKey || !settings.turnstileSecretKey) {
+		return null;
+	}
+	return {
+		siteKey: settings.turnstileSiteKey,
+		targetId: `${pluginData.nbbId}-turnstile-target`,
+		addLoginTurnstile: isOn(settings.loginTurnstileEnabled),
+		theme: settings.turnstileTheme || 'auto',
+		size: settings.turnstileSize || 'normal',
+		appearance: settings.turnstileAppearance || 'always',
+		language: (Meta.config.defaultLang || 'auto').toLowerCase(),
+	};
+}
+
+Plugin.middleware.isAdminOrGlobalMod = function (req, res, next) {
+	User.isAdminOrGlobalMod(req.uid, (err, isAdminOrGlobalMod) => {
+		if (err) {
+			return next(err);
+		}
+		if (isAdminOrGlobalMod) {
+			return next();
+		}
+		res.status(401).json({ message: '[[spam-be-gone:not-allowed]]' });
+	});
+};
+
+Plugin.middleware.checkStopForumSpam = function (req, res, next) {
+	if (!pluginSettings.stopforumspamEnabled) {
+		return res.status(400).send({ message: '[[spam-be-gone:sfs-not-enabled]]' });
+	}
+	if (!pluginSettings.stopforumspamApiKey) {
+		return res.status(400).send({ message: '[[spam-be-gone:sfs-api-key-not-set]]' });
+	}
+	next();
+};
+
+Plugin.load = async function (params) {
+	const settings = await getSettings();
+	if (!settings) {
+		winston.warn(`[plugins/${pluginData.nbbId}] Settings not set or could not be retrieved!`);
+		return;
+	}
+
+	if (isOn(settings.akismetEnabled)) {
+		if (settings.akismetApiKey) {
+			if (!await akismet.verifyKey(settings.akismetApiKey, nconf.get('url'))) {
+				winston.error(`[plugins/${pluginData.nbbId}] Unable to verify Akismet API key.`);
+			}
+		} else {
+			winston.error(`[plugins/${pluginData.nbbId}] Akismet API Key not set!`);
+		}
+	}
+
+	if (isOn(settings.honeypotEnabled)) {
+		if (settings.honeypotApiKey) {
+			honeypot = Honeypot(settings.honeypotApiKey);
+		} else {
+			winston.error(`[plugins/${pluginData.nbbId}] Honeypot API Key not set!`);
+		}
+	}
+
+	if (!settings.akismetMinReputationHam) {
+		settings.akismetMinReputationHam = 10;
+	}
+	if (settings.stopforumspamApiKey) {
+		stopforumspam.Key(settings.stopforumspamApiKey);
+	}
+
+	pluginSettings = settings;
+
+	const routeHelpers = require.main.require('./src/routes/helpers');
+	routeHelpers.setupAdminPageRoute(params.router, `/admin/plugins/${pluginData.nbbId}`, renderAdmin);
+
+	params.router.post(`/api/user/:userslug/${pluginData.nbbId}/report`, Plugin.middleware.isAdminOrGlobalMod, Plugin.middleware.checkStopForumSpam, Plugin.report);
+	params.router.post(`/api/user/:username/${pluginData.nbbId}/report/queue`, Plugin.middleware.isAdminOrGlobalMod, Plugin.middleware.checkStopForumSpam, Plugin.reportFromQueue);
+};
+
+async function renderAdmin(req, res) {
+	let akismetStats = await db.getObject(`${pluginData.nbbId}:akismet`);
+	akismetStats = { ...{ checks: 0, spam: 0 }, ...akismetStats };
+	res.render(`admin/plugins/${pluginData.nbbId}`, {
+		nbbId: pluginData.nbbId,
+		akismet: akismetStats,
+		title: 'Spam Be Gone',
+	});
+}
+
+Plugin.report = async function (req, res, next) {
+	try {
+		const uid = await User.getUidByUserslug(req.params.userslug);
+		if (!uid) {
+			return next(new Error('[[error:no-user]]'));
+		}
+		const [isAdmin, fields, ips] = await Promise.all([
+			User.isAdministrator(uid),
+			User.getUserFields(uid, ['username', 'email', 'uid']),
+			User.getIPs(uid, 0),
+		]);
+		if (isAdmin) {
+			return res.status(403).send({ message: '[[spam-be-gone:cant-report-admin]]' });
+		}
+		await stopforumspam.submit({ ip: ips[0], email: fields.email, username: fields.username }, `Manual submission from user: ${req.uid} to user: ${fields.uid} via ${pluginData.id}`);
+		res.status(200).json({ message: '[[spam-be-gone:user-reported]]' });
+	} catch (err) {
+		winston.error(`[plugins/${pluginData.nbbId}][report-error] ${err.message}`);
+		res.status(400).json({ message: err.message || 'Something went wrong' });
+	}
+};
+
+Plugin.reportFromQueue = async (req, res) => {
+	const data = await db.getObject(`registration:queue:name:${req.params.username}`);
+	if (!data) {
+		return res.status(400).json({ message: '[[error:no-user]]' });
+	}
+	const submitData = { ip: data.ip, email: data.email, username: data.username };
+	try {
+		await stopforumspam.submit(submitData, `Manual submission from user: ${req.uid} to user: ${data.username} via ${pluginData.id}`);
+		res.status(200).json({ message: '[[spam-be-gone:user-reported]]' });
+	} catch (err) {
+		winston.error(`[plugins/${pluginData.nbbId}][report-error] ${err.message}\n${JSON.stringify(submitData, null, 4)}`);
+		res.status(400).json({ message: err.message || 'Something went wrong' });
+	}
+};
+
+Plugin.appendConfig = async (data) => {
+	data['spam-be-gone'] = data['spam-be-gone'] || {};
+	const settings = await getSettings();
+	const turnstile = getTurnstileConfigFromSettings(settings || {});
+	if (turnstile) {
+		data['spam-be-gone'].turnstile = {
+			siteKey: turnstile.siteKey,
+			theme: turnstile.theme,
+			size: turnstile.size,
+			appearance: turnstile.appearance,
+			language: turnstile.language,
+			targetId: turnstile.targetId,
+		};
+	}
+	return data;
+};
+
+Plugin.addCaptcha = async (data) => {
+	function addChallenge(templateData, enableOnLogin, challenge) {
+		if (Array.isArray(templateData.regFormEntry)) {
+			templateData.regFormEntry.push(challenge);
+		} else if (Array.isArray(templateData.loginFormEntry)) {
+			if (enableOnLogin) {
+				templateData.loginFormEntry.push(challenge);
+			}
+		} else {
+			templateData.captcha = challenge;
+		}
+	}
+
+	if (!data.templateData) {
+		return data;
+	}
+
+	const settings = await getSettings();
+	const turnstile = getTurnstileConfigFromSettings(settings || {});
+	if (turnstile) {
+		data.templateData.turnstileArgs = turnstile;
+		addChallenge(data.templateData, turnstile.addLoginTurnstile, {
+			label: 'Turnstile',
+			html: `<div id="${turnstile.targetId}"></div>`,
+			styleName: pluginData.nbbId,
+		});
+	}
+
+	return data;
+};
+
+Plugin.onPostEdit = async function (data) {
+	const cid = await Topics.getTopicField(data.post.tid, 'cid');
+	await Plugin.checkReply({ content: data.post.content, uid: data.post.uid, cid, req: data.req }, { type: 'post', edit: true });
+	return data;
+};
+Plugin.onTopicEdit = async (data) => { await Plugin.checkReply({ title: data.topic.title || '', uid: data.topic.uid, cid: data.topic.cid, req: data.req }, { type: 'topic', edit: true }); return data; };
+Plugin.onTopicPost = async (data) => { await Plugin.checkReply(data, { type: 'topic' }); return data; };
+Plugin.onTopicReply = async (data) => { await Plugin.checkReply(data, { type: 'post' }); return data; };
+
+Plugin.checkReply = async function (data, options) {
+	options = options || {};
+	if (!akismet.verified || !data || !data.req || data.fromQueue) {
+		return;
+	}
+	const [isAdmin, isModerator, userData] = await Promise.all([
+		User.isAdministrator(data.req.uid),
+		User.isModerator(data.req.uid, data.cid),
+		User.getUserFields(data.req.uid, ['username', 'reputation', 'email']),
+	]);
+	if (isAdmin || isModerator) {
+		return;
+	}
+	const akismetData = {
+		referrer: data.req.headers.referer,
+		user_ip: data.req.ip,
+		user_agent: data.req.headers['user-agent'],
+		permalink: nconf.get('url').replace(/\/$/, '') + data.req.path,
+		comment_content: (data.title ? `${data.title}\n\n` : '') + (data.content || ''),
+		comment_author: userData.username,
+		comment_author_email: userData.email,
+		comment_type: options.type === 'topic' ? 'forum-post' : 'comment',
+	};
+	if (options.edit) {
+		akismetData.recheck_reason = 'edit';
+	}
+	const isSpam = await akismet.checkSpam(akismetData);
+	await db.incrObjectField(`${pluginData.nbbId}:akismet`, 'checks');
+	if (!isSpam) {
+		return;
+	}
+	await db.incrObjectField(`${pluginData.nbbId}:akismet`, 'spam');
+	if (parseInt(userData.reputation, 10) >= parseInt(pluginSettings.akismetMinReputationHam, 10)) {
+		await akismet.submitHam(akismetData);
+	}
+	winston.verbose(`[plugins/${pluginData.nbbId}] Post by uid: ${data.req.uid} username: ${userData.username}@${data.req.ip} was flagged as spam and rejected.`);
+	throw new Error('Post content was flagged as spam by Akismet.com');
+};
+
+Plugin.checkRegister = async function (data) {
+	await Promise.all([
+		Plugin._honeypotCheck(data.req, data.userData),
+		Plugin._turnstileCheck(data.req),
+	]);
+	return data;
+};
+
+Plugin.checkLogin = async function (data) {
+	const settings = await getSettings();
+	const turnstile = getTurnstileConfigFromSettings(settings || {});
+	if (turnstile && turnstile.addLoginTurnstile) {
+		await Plugin._turnstileCheck(data.req);
+	}
+	return data;
+};
+
+Plugin.getRegistrationQueue = async function (data) {
+	if (pluginSettings.stopforumspamEnabled) {
+		await Promise.all(data.users.map(augmentWitSpamData));
+	}
+	return data;
+};
+
+async function augmentWitSpamData(user) {
+	try {
+		user.ip = user.ip.replace('::ffff:', '');
+		let body = await stopforumspam.isSpammer({ ip: user.ip, email: user.email, username: user.username, f: 'json' });
+		if (!body) {
+			body = { success: 1, username: { frequency: 0, appears: 0 }, email: { frequency: 0, appears: 0 }, ip: { frequency: 0, appears: 0, asn: null } };
+		}
+		user.spamChecked = true;
+		user.spamData = body;
+		user.usernameSpam = body.username ? (body.username.frequency > 0 || body.username.appears > 0) : true;
+		user.emailSpam = body.email ? (body.email.frequency > 0 || body.email.appears > 0) : true;
+		user.ipSpam = body.ip ? (body.ip.frequency > 0 || body.ip.appears > 0) : true;
+		user.customActions = user.customActions || [];
+		if (pluginSettings.stopforumspamApiKey) {
+			user.customActions.push({ title: '[[spam-be-gone:report-user]]', id: `report-spam-user-${user.username}`, class: 'btn-warning report-spam-user', icon: 'fa-flag' });
+		}
+	} catch (err) {
+		if (err) {
+			winston.error(err);
+		}
+	}
+}
+
+Plugin.userProfileMenu = function (data, next) {
+	if (pluginSettings.stopforumspamEnabled && pluginSettings.stopforumspamApiKey) {
+		data.links.push({
+			id: 'spamBeGoneReportUserBtn', route: 'report-user', icon: 'fa-flag', name: '[[spam-be-gone:report-user]]',
+			visibility: { self: false, other: false, moderator: false, globalMod: true, admin: true },
+		});
+	}
+	next(null, data);
+};
+
+Plugin.onPostFlagged = async function (data) {
+	const flagObj = data.flag;
+	if (flagObj.type !== 'post' || flagObj.description !== 'Spam') {
+		return;
+	}
+	if (akismet.verified && pluginSettings.akismetFlagReporting && parseInt(flagObj.reporter.reputation, 10) >= parseInt(pluginSettings.akismetFlagReporting, 10)) {
+		const [userData, permalink, ip] = await Promise.all([
+			User.getUserFields(flagObj.target.uid, ['username', 'email']),
+			Topics.getTopicField(flagObj.target.tid, 'slug'),
+			db.getSortedSetRevRange(`uid:${flagObj.target.uid}:ip`, 0, 1),
+		]);
+		const submitted = {
+			user_ip: ip ? ip[0] : '', permalink: `${nconf.get('url').replace(/\/$/, '')}/topic/${permalink}`,
+			comment_author: userData.username, comment_author_email: userData.email, comment_content: flagObj.target.content, comment_type: 'forum-post',
+		};
+		try { await akismet.submitSpam(submitted); winston.info('Spam reported to Akismet.', submitted); } catch (err) { winston.error(`Error reporting to Akismet ${err.message}\n${JSON.stringify(submitted, null, 4)}`); }
+	}
+};
+
+Plugin._honeypotCheck = async function (req, userData) {
+	if (!(honeypot && req && req.ip)) {
+		return;
+	}
+	const honeypotQuery = util.promisify(honeypot.query);
+	const results = await honeypotQuery(req.ip);
+	if (results && results.found && results.type && (results.type.spammer || results.type.suspicious)) {
+		const message = `${userData.username} | ${userData.email} was detected as ${(results.type.spammer ? 'spammer' : 'suspicious')}`;
+		winston.warn(`[plugins/${pluginData.nbbId}] ${message} and was denied registration.`);
+		throw new Error(message);
+	}
+	winston.verbose(`[plugins/${pluginData.nbbId}] username: ${userData.username} ip: ${req.ip} was not found in Honeypot database`);
+};
+
+Plugin._turnstileCheck = async function (req) {
+	const settings = await getSettings();
+	if (!isOn(settings.turnstileEnabled)) {
+		return;
+	}
+	if (!req || !req.body) {
+		throw new Error('[[spam-be-gone:captcha-not-verified]]');
+	}
+	const token = req.body['cf-turnstile-response'];
+	if (!token || !settings.turnstileSecretKey) {
+		throw new Error('[[spam-be-gone:captcha-not-verified]]');
+	}
+	const payload = querystring.stringify({
+		secret: settings.turnstileSecretKey,
+		response: token,
+		remoteip: req.ip,
+	});
+	const options = {
+		hostname: 'challenges.cloudflare.com',
+		path: '/turnstile/v0/siteverify',
+		method: 'POST',
+		headers: {
+			'Content-Type': 'application/x-www-form-urlencoded',
+			'Content-Length': Buffer.byteLength(payload),
+		},
+	};
+	await new Promise((resolve, reject) => {
+		const request = https.request(options, (res) => {
+			let responseData = '';
+			res.on('data', (chunk) => { responseData += chunk; });
+			res.on('end', () => {
+				let parsed;
+				try {
+					parsed = JSON.parse(responseData || '{}');
+				} catch (err) {
+					return reject(new Error('[[spam-be-gone:captcha-not-verified]]'));
+				}
+				if (parsed.success === true) {
+					return resolve();
+				}
+				winston.verbose(`[plugins/${pluginData.nbbId}] Turnstile verification failed: ${JSON.stringify(parsed['error-codes'] || [])}`);
+				reject(new Error('[[spam-be-gone:captcha-not-verified]]'));
+			});
+		});
+		request.on('error', (error) => reject(new Error(error.message || '[[spam-be-gone:captcha-not-verified]]')));
+		request.write(payload);
+		request.end();
+	});
+};
+
+Plugin.admin = {
+	menu: function (custom_header, callback) {
+		custom_header.plugins.push({ route: `/plugins/${pluginData.nbbId}`, icon: pluginData.faIcon, name: pluginData.name });
+		callback(null, custom_header);
+	},
+};

package/package.json

@@ -0,0 +1,58 @@
+{
+  "name": "@arnaudw38/nodebb-plugin-spam-be-gone",
+  "version": "1.0.0",
+  "description": "Anti-spam plugin for NodeBB 4.x using Akismet, StopForumSpam, ProjectHoneyPot, and Cloudflare Turnstile (Turnstile-only fork)",
+  "main": "library.js",
+  "scripts": {},
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/aworobel/nodebb-plugin-spam-be-gone.git"
+  },
+  "keywords": [
+    "nodebb",
+    "plugin",
+    "spam",
+    "stopforumspam",
+    "akismet",
+    "honeypot",
+    "projecthoneypot",
+    "antispam",
+    "turnstile",
+    "cloudflare",
+    "nodebb-plugin",
+    "security",
+    "turnstile-only"
+  ],
+  "author": {
+    "name": "Aziz khoury",
+    "email": "bentael@gmail.com"
+  },
+  "license": "MIT",
+  "bugs": {
+    "url": "https://github.com/aworobel/nodebb-plugin-spam-be-gone/issues"
+  },
+  "dependencies": {
+    "async": "^3.2.0",
+    "project-honeypot": "~0.0.0",
+    "stopforumspam": "^1.3.8"
+  },
+  "nbbpm": {
+    "compatibility": "^4.0.0"
+  },
+  "homepage": "https://github.com/aworobel/nodebb-plugin-spam-be-gone#readme",
+  "engines": {
+    "node": ">=20"
+  },
+  "files": [
+    "library.js",
+    "lib/",
+    "public/",
+    "upgrades/",
+    "plugin.json",
+    "README.md",
+    "LICENSE"
+  ],
+  "publishConfig": {
+    "access": "public"
+  }
+}

package/plugin.json

@@ -0,0 +1,92 @@
+{
+  "id": "nodebb-plugin-spam-be-gone",
+  "name": "Spam Be Gone",
+  "description": "Anti-spam using Akismet.com, StopForumSpam.com, ProjectHoneyPot.org and Cloudflare Turnstile",
+  "url": "https://github.com/akhoury/nodebb-plugin-spam-be-gone",
+  "scss": [
+    "public/scss/styles.scss"
+  ],
+  "acpScripts": [
+    "public/js/scripts.js"
+  ],
+  "scripts": [
+    "public/js/scripts.js"
+  ],
+  "modules": {
+    "../admin/plugins/spam-be-gone.js": "public/js/admin.js"
+  },
+  "templates": "public/templates",
+  "languages": "public/languages",
+  "defaultLang": "en_GB",
+  "upgrades": [
+    "upgrades/enable_stopforumspam_by_default.js"
+  ],
+  "hooks": [
+    {
+      "hook": "static:app.load",
+      "method": "load"
+    },
+    {
+      "hook": "filter:admin.header.build",
+      "method": "admin.menu"
+    },
+    {
+      "hook": "filter:login.build",
+      "method": "addCaptcha",
+      "priority": 5
+    },
+    {
+      "hook": "filter:register.build",
+      "method": "addCaptcha",
+      "priority": 5
+    },
+    {
+      "hook": "filter:login.check",
+      "method": "checkLogin",
+      "priority": 5
+    },
+    {
+      "hook": "filter:register.check",
+      "method": "checkRegister",
+      "priority": 5
+    },
+    {
+      "hook": "filter:user.profileMenu",
+      "method": "userProfileMenu",
+      "priority": 5
+    },
+    {
+      "hook": "filter:user.getRegistrationQueue",
+      "method": "getRegistrationQueue",
+      "priority": 5
+    },
+    {
+      "hook": "filter:topic.post",
+      "method": "onTopicPost",
+      "priority": 5
+    },
+    {
+      "hook": "filter:topic.reply",
+      "method": "onTopicReply",
+      "priority": 5
+    },
+    {
+      "hook": "filter:topic.edit",
+      "method": "onTopicEdit"
+    },
+    {
+      "hook": "filter:post.edit",
+      "method": "onPostEdit"
+    },
+    {
+      "hook": "action:flags.create",
+      "method": "onPostFlagged",
+      "priority": 5
+    },
+    {
+      "hook": "filter:config.get",
+      "method": "appendConfig"
+    }
+  ],
+  "faIcon": "fa-shield"
+}

package/public/js/admin.js

@@ -0,0 +1,61 @@
+'use strict';
+
+define('admin/plugins/spam-be-gone', ['settings', 'alerts'], function (Settings, alerts) {
+	var Admin = {};
+
+	Admin.init = function () {
+		var nbbId = ajaxify.data.nbbId;
+		var klass = nbbId + '-settings';
+		var wrapper = $('.' + klass);
+
+		function onChange(e) {
+			var target = $(e.target);
+			var input = wrapper.find(target.attr('data-toggle-target'));
+			input.prop('disabled', !target.is(':checked'));
+		}
+
+		wrapper.find('input[type="checkbox"][data-toggle-target]').on('change', onChange);
+
+		Settings.load(nbbId, wrapper, function () {
+			wrapper.find('input[type="checkbox"][data-toggle-target]').each(function () {
+				onChange({ target: this });
+			});
+		});
+
+		$('#save').on('click', function (e) {
+			e.preventDefault();
+			wrapper.find('.has-error').removeClass('has-error');
+
+			var invalidSelector = '';
+			var invalidCount = 0;
+			wrapper.find('input[type="checkbox"][data-toggle-target]').each(function (i, checkbox) {
+				checkbox = $(checkbox);
+				if (checkbox.is(':checked') && !wrapper.find(checkbox.attr('data-toggle-target')).val()) {
+					invalidSelector += (!invalidCount++ ? '' : ', ') + checkbox.attr('data-toggle-target');
+				}
+			});
+
+			if (invalidSelector) {
+				wrapper.find(invalidSelector).each(function (i, el) {
+					el = $(el);
+					el.parent().addClass('has-error');
+				});
+				alerts.error('Empty fields not allowed!');
+			} else {
+				Settings.save(nbbId, wrapper, function () {
+					alerts.alert({
+						type: 'success',
+						alert_id: nbbId,
+						title: 'Reload Required',
+						message: 'Please reload your NodeBB to have your changes take effect',
+						clickfn: function () {
+							socket.emit('admin.reload');
+						},
+					});
+				});
+			}
+		});
+	};
+
+	return Admin;
+});

package/public/js/scripts.js

@@ -0,0 +1,112 @@
+'use strict';
+
+/* global turnstile */
+
+$(function () {
+	var pluginName = 'spam-be-gone';
+	var turnstileScriptUrl = 'https://challenges.cloudflare.com/turnstile/v0/api.js?render=explicit';
+
+	function getTurnstileArgs() {
+		return ajaxify.data && ajaxify.data.turnstileArgs;
+	}
+
+	function injectScriptOnce(src) {
+		if (document.querySelector('script[src*="turnstile/v0/api.js"]')) {
+			return Promise.resolve();
+		}
+		return new Promise(function (resolve, reject) {
+			var s = document.createElement('script');
+			s.src = src;
+			s.async = true;
+			s.defer = true;
+			s.onload = resolve;
+			s.onerror = reject;
+			document.head.appendChild(s);
+		});
+	}
+
+	function renderTurnstileIfNeeded(isLoginPage) {
+		var args = getTurnstileArgs();
+		if (!args || (isLoginPage && !args.addLoginTurnstile)) {
+			return;
+		}
+
+		injectScriptOnce(turnstileScriptUrl)
+			.then(function () {
+				if (typeof turnstile === 'undefined') {
+					return;
+				}
+				var target = document.getElementById(args.targetId);
+				if (!target || target.dataset.turnstileRendered === '1') {
+					return;
+				}
+				turnstile.render('#' + args.targetId, {
+					sitekey: args.siteKey,
+					theme: args.theme || 'auto',
+					size: args.size || 'normal',
+					appearance: args.appearance || 'always',
+					language: args.language || 'auto',
+					callback: function () {
+						var error = utils.param('error');
+						if (error) {
+							require(['alerts'], function (alerts) { alerts.error(error); });
+						}
+					},
+					'error-callback': function () {
+						require(['alerts'], function (alerts) { alerts.error('[[spam-be-gone:captcha-not-verified]]'); });
+					},
+				});
+				target.dataset.turnstileRendered = '1';
+			})
+			.catch(function () {
+				require(['alerts'], function (alerts) { alerts.error('Failed to load Cloudflare Turnstile'); });
+			});
+	}
+
+	function onAccountProfilePage() {
+		var $btn = $('#spamBeGoneReportUserBtn');
+		$btn.off('click').on('click', function (e) {
+			e.preventDefault();
+			reportUser('/api/user/' + ajaxify.data.userslug + '/' + pluginName + '/report');
+			var $parentBtn = $btn.parents('.account-fab').find('[data-toggle="dropdown"]');
+			if ($parentBtn.dropdown) {
+				$parentBtn.dropdown('toggle');
+			}
+			return false;
+		});
+	}
+
+	function onManageRegistrationPage() {
+		$('button.report-spam-user').off('click').on('click', function (e) {
+			e.preventDefault();
+			var username = $(this).parents('[data-username]').attr('data-username');
+			reportUser('/api/user/' + username + '/' + pluginName + '/report/queue');
+			return false;
+		});
+	}
+
+	function reportUser(url) {
+		require(['alerts'], function (alerts) {
+			$.post(url)
+				.then(function () { alerts.success('User reported!'); })
+				.catch(function (e) { alerts.error(e.responseJSON && e.responseJSON.message || '[spam-be-gone:something-went-wrong]'); });
+		});
+	}
+
+	$(window).on('action:ajaxify.end', function (evt, data) {
+		switch (data.tpl_url) {
+			case 'register':
+				renderTurnstileIfNeeded(false);
+				break;
+			case 'login':
+				renderTurnstileIfNeeded(true);
+				break;
+			case 'account/profile':
+				onAccountProfilePage();
+				break;
+			case 'admin/manage/registration':
+				onManageRegistrationPage();
+				break;
+		}
+	});
+});

package/public/languages/en-GB/spam-be-gone.json

@@ -0,0 +1,21 @@
+{
+  "report-user": "Report spammer",
+  "something-went-wrong": "Something went wrong",
+  "not-allowed": "You are not allowed to perform this action",
+  "cant-report-admin": "You can't report an admin as spammer",
+  "user-reported": "User reported!",
+  "sfs-not-enabled": "Stop Forum Spam is not enabled",
+  "sfs-api-key-not-set": "Stop Forum Spam API Key is not set, get one from stopforumspam.com/keys",
+  "captcha-not-verified": "Captcha not verified, are you a robot?",
+  "admin-topic-start": "This plugin uses",
+  "admin-topic-end": "Submit pull requests or ideas at the the project repository",
+  "enable": "Enable",
+  "akismet-topic-1": "To check every user post. Get yours from ",
+  "akismet-topic-2": "Minimum reputation level to classify flagged posts as false positives (HAM). Posts made by users with at least this level reputation will never be flagged as spam.",
+  "akismet-topic-3": "Allow users with minimum reputation of X to submit posts to Akismet as spam via flagging (leave blank to disable)",
+  "honeypot-topic-1": "To check every user registration. Get yours from ",
+  "stopforumspam-topic-1": "To report a user you need an API key, get yours from ",
+  "turnstile-topic-1": "To check registrations (and optionally login). Create keys from ",
+  "turnstile-topic-2": "Keep your secret key private",
+  "enable-turnstile-login": "Enable Turnstile on login page as well"
+}

package/public/languages/en-US/spam-be-gone.json

@@ -0,0 +1,21 @@
+{
+  "report-user": "Report spammer",
+  "something-went-wrong": "Something went wrong",
+  "not-allowed": "You are not allowed to perform this action",
+  "cant-report-admin": "You can't report an admin as spammer",
+  "user-reported": "User reported!",
+  "sfs-not-enabled": "Stop Forum Spam is not enabled",
+  "sfs-api-key-not-set": "Stop Forum Spam API Key is not set, get one from stopforumspam.com/keys",
+  "captcha-not-verified": "Captcha not verified, are you a robot?",
+  "admin-topic-start": "This plugin uses",
+  "admin-topic-end": "pull requests or ideas at the",
+  "enable": "Enable",
+  "akismet-topic-1": "To check every user post. Get yours from ",
+  "akismet-topic-2": "Minimum reputation level to classify flagged posts as false positives (HAM). Posts made by users with at least this level reputation will never be flagged as spam.",
+  "akismet-topic-3": "Allow users with minimum reputation of X to submit posts to Akismet as spam via flagging (leave blank to disable)",
+  "honeypot-topic-1": "To check every user registration. Get yours from ",
+  "stopforumspam-topic-1": "To report a user you need an API key, get yours from ",
+  "turnstile-topic-1": "To check registrations (and optionally login). Create keys from ",
+  "turnstile-topic-2": "Keep your secret key private",
+  "enable-turnstile-login": "Enable Turnstile on login page as well"
+}

package/public/languages/pl-PL/spam-be-gone.json

@@ -0,0 +1,21 @@
+{
+  "report-user": "Zgłoś spam",
+  "something-went-wrong": "Coś poszło nie tak",
+  "not-allowed": "Nie masz uprawnień do wykonania tej czynności",
+  "cant-report-admin": "Nie możesz zgłosić administratora jako spamera",
+  "user-reported": "Użytkownik zgłoszony!",
+  "sfs-not-enabled": "Stop Forum Spam jest włączone",
+  "sfs-api-key-not-set": "Klucz API dla Stop Forum Spam nie został wprowadzony - uzyskasz go na stopforumspam.com/keys",
+  "captcha-not-verified": "Brak weryfikacji Captcha, jesteś automatem?",
+  "admin-topic-start": "Wtyczka wykorzystuje",
+  "admin-topic-end": "Na stronie projektu zgłosisz zmiany kodu czy własne pomysły",
+  "enable": "Włącz",
+  "akismet-topic-1": "Pozwoli sprawdzić każdy wpis. Uzyskaj własny na ",
+  "akismet-topic-2": "Poziom reputacji aby kwalifikować wpisy jako błędnie zakwalifikowane (HAM). Wpisy użytkowników z wysoką reputacją nie będą oznaczane jako spam.",
+  "akismet-topic-3": "Zezwól użytkownikom z reputacją X i wyższą aby zgłaszali spam do bazy Akismet (pozostaw puste aby wyłączyć)",
+  "honeypot-topic-1": "Pozwoli sprawdzać nowe konta. Uzyskaj własny na ",
+  "stopforumspam-topic-1": "Aby zgłosić użytkownika potrzebujesz klucz API stąd ",
+  "turnstile-topic-1": "To check registrations (and optionally login). Create keys from ",
+  "turnstile-topic-2": "Keep your secret key private",
+  "enable-turnstile-login": "Enable Turnstile on login page as well"
+}

package/public/languages/zh-CN/spam-be-gone.json

@@ -0,0 +1,21 @@
+{
+  "report-user": "举报垃圾邮件",
+  "something-went-wrong": "未知错误",
+  "not-allowed": "你没有权限进行这个操作",
+  "cant-report-admin": "你无法举报管理员",
+  "user-reported": "用户举报!",
+  "sfs-not-enabled": "未启用“停止论坛垃圾邮件”",
+  "sfs-api-key-not-set": "未从stopforumspam.com/keys设置阻止论坛垃圾邮件的 API 密钥",
+  "captcha-not-verified": "验证码校验失败，请尝试重新校验或刷新页面",
+  "admin-topic-start": "这个插件引用了以下项目：",
+  "admin-topic-end": "拉取项目或提交issue请前往：",
+  "enable": "启用",
+  "akismet-topic-1": "要检查所有的提交，可前往 ",
+  "akismet-topic-2": "将被标记的帖子分类为误报 （HAM） 的最低信誉级别。具有此级别声誉的用户所发布的帖子将不会被标记为垃圾邮件。",
+  "akismet-topic-3": "允许最低信誉等级为X的用户通过标记将帖子作为垃圾邮件提交给Akismet（留空以禁用）",
+  "honeypot-topic-1": "要对所有的用户注册进行检查，可前往 ",
+  "stopforumspam-topic-1": "你需要一个API密钥用于举报用户，可前往 ",
+  "turnstile-topic-1": "To check registrations (and optionally login). Create keys from ",
+  "turnstile-topic-2": "Keep your secret key private",
+  "enable-turnstile-login": "Enable Turnstile on login page as well"
+}

package/public/scss/styles.scss

@@ -0,0 +1,3 @@
+#spam-be-gone-turnstile-target {
+  margin: 10px 0;
+}

package/public/templates/admin/plugins/spam-be-gone.tpl

@@ -0,0 +1,87 @@
+<div class="acp-page-container">
+	<!-- IMPORT admin/partials/settings/header.tpl -->
+
+	<div>
+		<div class="alert alert-info mb-0 text-xs">
+			<p>
+				[[spam-be-gone:admin-topic-start]]
+				<a target="_blank" href="https://github.com/oozcitak/akismet-js">akismet-js</a>,
+				<a target="_blank" href="https://github.com/julianlam/project-honeypot">project-honeypot</a>,
+				<a target="_blank" href="https://developers.cloudflare.com/turnstile/">Cloudflare Turnstile</a>,
+				<a target="_blank" href="https://github.com/deltreey/stopforumspam">stopforumspam</a>
+			</p>
+			<p class="mb-0">
+				[[spam-be-gone:admin-topic-end]]
+				<a target="_blank" href="https://github.com/akhoury/nodebb-plugin-spam-be-gone">spam-be-gone</a>
+			</p>
+		</div>
+	</div>
+
+	<div class="row m-0">
+		<div id="spy-container" class="col-12 px-0 mb-4" tabindex="0">
+			<ul class="nav nav-tabs mb-3" role="tablist">
+				<li role="presentation" class="nav-item"><a class="nav-link active" href="#akismet" aria-controls="akismet" role="tab" data-bs-toggle="tab">Akismet</a></li>
+				<li role="presentation" class="nav-item"><a class="nav-link" href="#honeypot" aria-controls="honeypot" role="tab" data-bs-toggle="tab">Project Honeypot</a></li>
+				<li role="presentation" class="nav-item"><a class="nav-link" href="#turnstile" aria-controls="turnstile" role="tab" data-bs-toggle="tab">Cloudflare Turnstile</a></li>
+				<li role="presentation" class="nav-item"><a class="nav-link" href="#sfs" aria-controls="sfs" role="tab" data-bs-toggle="tab">StopForumSpam</a></li>
+			</ul>
+
+			<form role="form" class="{nbbId}-settings">
+				<fieldset>
+					<div class="tab-content">
+						<div role="tabpanel" class="tab-pane fade show active" id="akismet">
+							<div class="row"><div class="col-sm-12">
+								<div class="form-check">
+									<input class="form-check-input" data-toggle-target="#akismetApiKey,#akismetMinReputationHam,#akismetFlagReporting" type="checkbox" id="akismetEnabled" name="akismetEnabled"/>
+									<label class="section-title form-check-label">[[spam-be-gone:enable]] Akismet</label>
+								</div>
+								<p class="form-text">[[spam-be-gone:akismet-topic-1]] <a target="_blank" href="http://akismet.com/">akismet.com</a></p>
+								{{{ if akismet.checks }}}<p>Akismet checked <strong>{akismet.checks}</strong> posts and caught <strong>{akismet.spam}</strong> spam posts.</p>{{{ end }}}
+								<div class="mb-3"><label class="form-label" for="akismetApiKey">Akismet API Key</label><input placeholder="Akismet API Key here" type="text" class="form-control" id="akismetApiKey" name="akismetApiKey"/></div>
+								<div class="mb-3"><label class="form-label" for="akismetMinReputationHam">HAM Minimum Reputation</label><input placeholder="10" type="number" class="form-control" id="akismetMinReputationHam" name="akismetMinReputationHam"/></div>
+								<p class="form-text">[[spam-be-gone:akismet-topic-2]]</p>
+								<div class="mb-3"><label class="form-label" for="akismetFlagReporting">Flagging Minimum Reputation</label><input placeholder="5" type="text" class="form-control" id="akismetFlagReporting" name="akismetFlagReporting"/></div>
+								<p class="form-text">[[spam-be-gone:akismet-topic-3]]</p>
+							</div></div>
+						</div>
+
+						<div role="tabpanel" class="tab-pane fade" id="honeypot">
+							<div class="row"><div class="col-sm-12">
+								<div class="form-check"><input class="form-check-input" data-toggle-target="#honeypotApiKey" type="checkbox" id="honeypotEnabled" name="honeypotEnabled"/><label class="form-check-label">[[spam-be-gone:enable]] Honeypot</label></div>
+								<p class="form-text">[[spam-be-gone:honeypot-topic-1]]<a target="_blank" href="http://www.projecthoneypot.org/">projecthoneypot.org</a></p>
+								<div class="mb-3"><label class="form-label" for="honeypotApiKey">Honeypot API Key</label><input placeholder="Honeypot API Key here" type="text" class="form-control" id="honeypotApiKey" name="honeypotApiKey"/></div>
+							</div></div>
+						</div>
+
+						<div role="tabpanel" class="tab-pane fade" id="turnstile">
+							<div class="row"><div class="col-sm-12">
+								<div class="form-check">
+									<input class="form-check-input" data-toggle-target="#turnstileSiteKey,#turnstileSecretKey,#loginTurnstileEnabled,#turnstileTheme,#turnstileSize,#turnstileAppearance" type="checkbox" id="turnstileEnabled" name="turnstileEnabled"/>
+									<label class="form-check-label">[[spam-be-gone:enable]] Cloudflare Turnstile</label>
+								</div>
+								<p class="form-text">[[spam-be-gone:turnstile-topic-1]]<a target="_blank" href="https://developers.cloudflare.com/turnstile/">developers.cloudflare.com/turnstile</a></p>
+								<div class="mb-3"><label class="form-label" for="turnstileSiteKey">Turnstile Site Key</label><input placeholder="Site Key here" type="text" class="form-control" id="turnstileSiteKey" name="turnstileSiteKey"/></div>
+								<div class="mb-3"><label class="form-label" for="turnstileSecretKey">Turnstile Secret Key</label><input placeholder="Secret Key here" type="text" class="form-control" id="turnstileSecretKey" name="turnstileSecretKey"/></div>
+								<div class="row g-3">
+									<div class="col-md-4"><label class="form-label" for="turnstileTheme">Theme</label><select class="form-select" id="turnstileTheme" name="turnstileTheme"><option value="auto">auto</option><option value="light">light</option><option value="dark">dark</option></select></div>
+									<div class="col-md-4"><label class="form-label" for="turnstileSize">Size</label><select class="form-select" id="turnstileSize" name="turnstileSize"><option value="normal">normal</option><option value="compact">compact</option><option value="flexible">flexible</option></select></div>
+									<div class="col-md-4"><label class="form-label" for="turnstileAppearance">Appearance</label><select class="form-select" id="turnstileAppearance" name="turnstileAppearance"><option value="always">always</option><option value="execute">execute</option><option value="interaction-only">interaction-only</option></select></div>
+								</div>
+								<p class="form-text mt-2">[[spam-be-gone:turnstile-topic-2]]</p>
+								<div class="form-check"><input class="form-check-input" type="checkbox" id="loginTurnstileEnabled" name="loginTurnstileEnabled"/><label class="form-check-label">[[spam-be-gone:enable-turnstile-login]]</label></div>
+							</div></div>
+						</div>
+
+						<div role="tabpanel" class="tab-pane fade" id="sfs">
+							<div class="row"><div class="col-sm-12">
+								<div class="form-check"><input class="form-check-input" data-toggle-target="#stopforumspamApiKey" type="checkbox" id="stopforumspamEnabled" name="stopforumspamEnabled"/><label class="form-check-label">Enable StopForumSpam</label></div>
+								<p class="form-text">[[spam-be-gone:stopforumspam-topic-1]]<a target="_blank" href="https://www.stopforumspam.com/keys">stopforumspam.com/keys</a></p>
+								<div class="mb-3"><label class="form-label" for="stopforumspamApiKey">StopForumSpam API Key</label><input placeholder="API key here" type="text" class="stopforumspamApiKey form-control" id="stopforumspamApiKey" name="stopforumspamApiKey"/></div>
+							</div></div>
+						</div>
+					</div>
+				</fieldset>
+			</form>
+		</div>
+	</div>
+</div>

package/upgrades/enable_stopforumspam_by_default.js

@@ -0,0 +1,29 @@
+'use strict';
+
+var Meta = require.main.require('./src/meta');
+var async = require.main.require('async');
+var winston = require.main.require('winston');
+var Plugin = require('../library');
+
+module.exports = {
+	name: 'Enable StopForumSpam by default without api key',
+	timestamp: Date.UTC(2019, 0, 21),
+	method: function (callback) {
+		Meta.settings.get(Plugin.nbbId, function (err, settings) {
+			if (err) {
+				return callback(err);
+			}
+			if (!settings) {
+				settings = {};
+			}
+			if (settings.stopforumspamEnabled !== 'on') {
+				settings.stopforumspamEnabled = 'on';
+				Meta.settings.set(Plugin.nbbId, settings, function (err) {
+					callback(err);
+				});
+			} else {
+				callback();
+			}
+		});
+	}
+};