Read-me

First you copy the DLL's HttpModuleMollom.dll & JelleDruyts.Mollom.Client.dll to the BIN folder of the web application where you wish to protect with captcha's. Then a few changes have to be made in the web.config file from your specific web application where you installed the module.

1. Register an account at http://www.mollom.com and add your site to acquire a public and a private key needed in step 3.

2. Open the web.config file in your preferred text-editor.

3. Look for the <appSettings></appSettings> tag in it and add the following keys:

<add key="MollomModule.PrivateKey" value="" />
<add key="MollomModule.PublicKey" value="" />
<add key="MollomModule.WhiteList" value="" />
<add key="MollomModule.RedirectTo" value="" />
<add key="MollomModule.EventSource" value="MollomHttpModule" />
<add key="MollomModule.EventLog" value="Application" />

When you registered a website at http://www.mollom.com/ you were given a public key and a private key (if you haven't registered yet, you can do this now because those keys are required in order for the module to function). Enter them at the keys, respectively MollomModule.PublicKey and MollomModule.PrivateKey, within the quotes behind the value attribute.

You are given a chance to enter fields you wish to check for spam in the MollomModule.WhiteList key. These are the names shown in a rendered form page. To add multiple values you have to separate the values with a semicolon. (e.g. you have fields Name and Comment that you wish to be checked for spam you add them like this: .. value="Name;Comment" ..).

Last you have an option when something is classified as spam where the spammer should be redirected to. If you leave this blank the spammer will be redirect to an empty input-form where he started off.

The last 2 keys should be left unchanged for logging purposes. If you have experience with the event-logger in windows you can change this to your needs.

4. Next, look for the <httpModules></httpModules> tags and add the following line to it:
<add name="HttpModuleMollom" type="HttpModuleMollom.HttpModuleMollom, HttpModuleMollom"/>

You're done with the installation of the HTTPModule for Mollom. You need not restart your webserver, this will go in use within a minute upon saving your web.config file.

Sidenotes

If you run ASP.NET under another account than Administrator you'll have to change some settings.

First of all you'll have to figure out under which account your ASP.NET service is running. This is done easiest by going to run in the start menu and typing "services.msc". This will prompt the services installed and running, the column "Log on as" will display which account is running your ASP.NET.

Next you follow the next steps:

  1. Launch RegEdit
  2. Navigate to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\
  3. From the menu, select Edit->Permissions
  4. Click the Add button and write ASPNET. (if ASP.NET is running under a different user id, use that id instead)
  5. Click OK.
  6. Select the newly added user from the list (ASP.NET Machine User by default).
  7. Click on Full Control in the Allow column.
  8. Click OK.
  9. Restart IIS (iisreset command)

This will allow your ASP.NET application to write logs to the event log.