PHPackages fnn/fnn-powermail-altcha - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Security](/categories/security) 4. / 5. fnn/fnn-powermail-altcha ActiveTypo3-cms-extension[Security](/categories/security) fnn/fnn-powermail-altcha ======================== Altcha Captcha for Powermail - Accessible and GDPR compliant proof-of-work (pow) captcha for powermail, no external service required v10.0.5(6mo ago)02.1k↑250%4[3 issues](https://github.com/599media/fnn_powermail_altcha/issues)[1 PRs](https://github.com/599media/fnn_powermail_altcha/pulls)MITPHPPHP >= 7.4 <= 8.4 Since Jul 4Pushed 6mo agoCompare [ Source](https://github.com/599media/fnn_powermail_altcha)[ Packagist](https://packagist.org/packages/fnn/fnn-powermail-altcha)[ Docs](https://599media.de)[ RSS](/packages/fnn-fnn-powermail-altcha/feed)WikiDiscussions master Synced 1mo ago READMEChangelogDependencies (3)Versions (7)Used By (0) fnn\_powermail\_altcha ====================== [](#fnn_powermail_altcha) **Title:** 599media Powermail Altcha **Description:**Altcha spam protection for Powermail forms. This extension integrates the Altcha library to add challenge/response spam protection to Powermail forms. After installation, a new element called “Altcha Spam Protection” is available in Powermail among the available field types. To activate spam protection, simply add this field to the desired form. As soon as a Powermail form contains an active “Altcha Spam Protection” field, the Altcha widget is automatically rendered at exactly this point in the frontend. The visitor then sees the Altcha widget. This additional validation effectively prevents automated bots, while the user experience remains as smooth as possible for real users. --- Overview -------- [](#overview) - **Extension-Key:** `fnn_powermail_altcha` - **Version:** 10.0.0 - **Author:** 599media Dev-Team (599media GmbH) - **License:** MIT - **Category:** Service - **Dependencies:** - TYPO3 ≥ 10.4.0 – 13.4.99 - PHP ≥ 7.4.0 – 8.4.99 - Powermail ≥ 8.5.0 – 13.99.99 --- Installation ------------ [](#installation) ### Install extension via ZIP file [](#install-extension-via-zip-file) 1. Download ZIP file 2. Log into your TYPO3 backend 3. Go to Extension Manager module 4. Press the upload button on the top bar 5. Select the ZIP file and upload it. If you want to overwrite an existing extension installation, activate the checkbox. 6. Go to your rootpage, open the TypoScript record and add 'Powermail Altcha' to 'include TypoScript sets' 7. Clear backend cache ### Install extension via composer command [](#install-extension-via-composer-command) 1. Go to your folder where the root composer.json file is located 2. Type: composer require fnn/fnn-powermail-altcha to get the latest version that runs on your TYPO3 version. 3. Run 'Analyze database' and create the 'table tx\_fnnpowermailaltcha\_domain\_model\_challenge' 4. Go to your rootpage, open the TypoScript record and add 'Powermail Altcha' to 'include TypoScript sets' 5. Clear backend cache --- Configuration ------------- [](#configuration) ### TypoScript [](#typoscript) #### Constants [](#constants) `Configuration/TypoScript/constants.typoscript` ``` plugin.tx_fnn_powermail_altcha { # HMAC key (random character string) **IMPORTANT: For security, you must generate a unique key for your installation and replace the placeholder below.** hmacKey = [YOUR_UNIQUE_KEY_HERE] # Maximum number for the challenge maxNumber = 999999 # Expiry time in seconds (0 = 24 hours) expires = 0 # Hide Altcha logo (0 = show, 1 = hide) hideLogo = 0 # Hide altcha footer (0 = show, 1 = hide) hideFooter = 0 # Validierungstyp: off, onfocus, onload, onsubmit validation = off # You can configure Altcha messages yourself at this point. labels { error = LLL:EXT:fnn_powermail_altcha/Resources/Private/Language/locallang.xlf:altchaWidget.error expired = LLL:EXT:fnn_powermail_altcha/Resources/Private/Language/locallang.xlf:altchaWidget.expired label = LLL:EXT:fnn_powermail_altcha/Resources/Private/Language/locallang.xlf:altchaWidget.label verified = LLL:EXT:fnn_powermail_altcha/Resources/Private/Language/locallang.xlf:altchaWidget.verified verifying = LLL:EXT:fnn_powermail_altcha/Resources/Private/Language/locallang.xlf:altchaWidget.verifying waitAlert = LLL:EXT:fnn_powermail_altcha/Resources/Private/Language/locallang.xlf:altchaWidget.waitAlert } } ``` #### Setup [](#setup) `Configuration/TypoScript/setup.typoscript` ``` plugin.tx_powermail { view { # The Altcha widget is rendered via a fluid partial. # A low number was selected to enable overwriting without major adjustments. partialRootPaths { 5 = EXT:fnn_powermail_altcha/Resources/Private/Templates/Powermail/Partials/ } } settings { setup { spamshield { methods { 2025 { # The spam check can be activated or deactivated here. _enable = 1 } } } } } } ``` ### TSConfig [](#tsconfig) The required TSConfig is loaded automatically after installation of the extension. --- Changelog --------- [](#changelog) All changes can be found in the ChangeLog file. Version 10.0.0 (initial release) and future updates are documented there. --- Support & Contact --------------------- [](#support--contact) - Author: Dev-Team @ 599media GmbH - E-Mail: - Homepage: --- License (MIT) ------------- [](#license-mit) The complete license information can be found here. Additional license information: This extension contains the ***altcha-org/altcha*** library, which is licensed under a separate MIT license. The complete license text of the Altcha library can be found in the file ***Vendor/altcha-lib-php/LICENSE.txt*** . --- Functionality (simplified) -------------------------- [](#functionality-simplified) ``` ┌─────────────────────────┐ │ TYPO3 Frontend │ │ │ │ Powermail form page │ └───────────┬─────────────┘ │ ▼ ┌────────────────────────────────────────────────┐ │ Render partial „AltchaSpamProtection.html“ │ │ │ │ • execute AltchaSpamProtectionViewHelper │ │ AltchaService::createChallenge() │ └───────────────────────┬────────────────────────┘ │ ▼ ┌────────────────────────────────────────────────┐ │ AltchaService │ │ • generates random number (maxNumber) │ │ • calculates HMAC signature (hmacKey) │ │ • Saves record in DB (Challenge, expires) │ │ │ │ challenge + signature back to Widget │ └───────────────────────┬────────────────────────┘ │ ▼ ┌────────────────────────────────────────────────┐ │ Browser (Client) │ │ ┌──────────────────────────────────────────┐ │ │ │ altcha.min.js: │ │ │ │ • displays interactive captcha │ │ │ │ • User solves task │ │ │ │ • Payload is packed (response) │ │ │ └──────────────────────────────────────────┘ │ │ Form submit with Altcha payload │ └───────────────────────┬────────────────────────┘ │ ▼ ┌────────────────────────────────────────────────┐ │ Powermail Spamshield (AltchaMethod) │ │ • execute AltchaService->verifySolution() │ └───────────────────────┬────────────────────────┘ │ ▼ ┌────────────────────────────────────────────────┐ │ AltchaService │ │ • validate payload with │ │ Altcha::verifySolution() │ │ │ │ result back to AltchaMethod │ └────────────────────────────────────────────────┘ ``` --- Note ---- [](#note) Ignore the folder Vendor/altcha-lib-php. Only the complete source code of the external Altcha library is located there in order to bypass a Composer installation on the TER platform. All further adjustments and configurations refer to the Classes/ directory and the TYPO3-specific configuration files. With a Composer installation, the library is installed by Composer. ### Health Score 42 — FairBetter than 90% of packages Maintenance69 Regular maintenance activity Popularity23 Limited adoption so far Community5 Small or concentrated contributor base Maturity58 Maturing project, gaining track record How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~27 days Total 6 Last Release 182d ago ### Community Maintainers ![](https://www.gravatar.com/avatar/8f95d73846cbc8e7e83a3e957ffd1b66a606c2b74377dc1094f1a076f830d61b?d=identicon)[599media](/maintainers/599media) --- Tags typo3gdpr ### Embed Badge ![Health badge](/badges/fnn-fnn-powermail-altcha/health.svg) ``` [![Health](https://phpackages.com/badges/fnn-fnn-powermail-altcha/health.svg)](https://phpackages.com/packages/fnn-fnn-powermail-altcha) ``` ### Alternatives [soved/laravel-gdpr GDPR compliance with ease 299127.5k2](/packages/soved-laravel-gdpr)[leuchtfeuer/secure-downloads "Secure Download": Apply TYPO3 access rights to ALL file assets (PDFs, TGZs or JPGs etc. - configurable) - protect them from direct access. 22234.7k1](/packages/leuchtfeuer-secure-downloads)[devrabiul/laravel-cookie-consent A GDPR-compliant cookie consent solution for Laravel applications with fully customizable cookie banners, granular consent control, and enterprise-grade compliance features. 17633.8k1](/packages/devrabiul-laravel-cookie-consent)[jfeltkamp/cookiesjsr COOKiES JSR is a consent management tool and provides UI and API to manage 3rd party services within the GDPR. 27807.9k](/packages/jfeltkamp-cookiesjsr)[spooner-web/be_secure_pw You can set password conventions to force secure passwords for BE users. 10461.3k](/packages/spooner-web-be-secure-pw)[georgringer/noopener Add rel="noopener noreferrer" to all external links 1535.1k](/packages/georgringer-noopener) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)