Installing Mollom for Drupal 7

Use the procedures on this page to install and configure Mollom for your Drupal 7-based environment.


To install Mollom, complete the following steps:

  1. Download the Mollom module from
  2. Extract the module into your modules directory (for example, docroot/sites/all/modules/mollom).
  3. Enable the module on the Modules page.
  4. Go to People > Permissions to configure user permissions for the Mollom module.
  5. Sign in to and go to your Site manager to retrieve the public and private API key for your website.
  6. If your website runs behind a reverse proxy or load balancer (for example, Varnish or Nginx) your website must send the actual IP address for every website visitor:
    1. Enable and configure the reverse_proxy settings in Drupal's settings.php, usually located in /sites/default/settings.php.
    2. Go to Reports > Recent log messages to confirm that you see a different IP address for each unique website visitor in the Hostname field of each log message.


After you install the Mollom module, you must then connect it to the Mollom service and configure it for your environment.

Global settings

  1. Go to Configuration > Content authoring > Mollom content moderation > Settings.
  2. Enter the API keys for your website from your Site manager.
  3. Enable testing mode if you want to test Mollom's user interface behavior on your website. This allows triggering of specific Mollom responses and protects your own author reputation while testing.
  4. Review advanced settings - these can typically be left at their default values but note that advanced features such as form behavior analysis (beta) and flag as inappropriate can be enabled or configured here.

Set up forms to protect

To enable and configure Mollom for each form that you want to protect, complete the following steps:

  1. Go to Configuration > Content authoring > Mollom content moderation.
  2. Either click the Add form link to protect a new form or choose an existing form from the table. Select the Comment forms to protect comments. The Node forms will only protect the content submission forms.
  3. Select the protection mode:
    • Text analysis (recommended)
      Checks the submitted content for spam and only shows a CAPTCHA to contributors if Mollom is unsure.
    • CAPTCHA-only
      Only adds a CAPTCHA to the form. Only choose this option if you cannot send content to Mollom for whichever reason.


Mollom deeply integrates with the selected forms. With text analysis selected:

  • Spam posts are discarded by default.
    For posts that support the concept of a publishing status (for example, nodes or comments), you may also choose to retain all spam posts for manual moderation.
  • Ham (not spam) posts are accepted.
    For comments, the final status depends on whether the author has the permission to post comments without approval.
  • If Mollom is unsure, the author is asked to solve a CAPTCHA (word verification).
    If the CAPTCHA is not solved correctly, the author is presented a new one and asked to try again.
  • In case spam posts are not caught by Mollom, you can report them when deleting.
    The Mollom service learns from your feedback.


To view statistics for your website, go to Reports > Mollom statistics.

To display Mollom's log of its activity, go to Reports > Recent log messages. Filter by category mollom to access detailed information for each form submission that has been processed by Mollom. When requesting support, it is helpful to include the details of one or more log messages.

Contact supportStill need assistance? Contact Acquia Support