The contact form is a great way to interact with your visitors, but it’s also vulnerable to spam entries.
If your contact form submissions are linked to your inbox, there will be a lot of spam crowding your inbox. Each entry must be manually reviewed before being marked “spam” for removal which is a time consuming process when there are hundreds or even thousands of other emails waiting in line already.
Spam bots will flood your inbox if you don’t take steps in order to protect yourself from this annoyance! Here are some easy ways of doing so:
What’s With Contact Form Spam Anyways?
You might be thinking that spam bots are just a minor annoyance for your website, but they can actually do serious harm to the success of any business. Contact form spamming is especially concerning because it’s automated and often comes from numerous sources at once!
They’re looking for ways to take over your site, server or email address to help them send out spam emails. And worse maybe even steal one of those email lists so that these spammers have a fresh batch of people to spam.
So, let’s take a closer look at how you can protect your contact forms from spam.
1. Use reCAPTCHA
The reCAPTCHA is a popular way to prevent spam and abuse by preventing bots from being able to submit forms.
To add this, Head to Google reCAPTCHA website select V3 admin console menu tab, select your captcha type, either v3 or 2, reCAPTCHA v2 requires the user to click “I’m not a robot” and can serve them an image recognition challenge. reCaptcha V3 runs in background, generating score based on your behavior – higher means you’re probably human. Main differences are the new reCAPTCHA V3 is a more advanced and robust system compared to the original one.
It will give you an idea of what users are doing on your site without them having any knowledge about it, by using their browsing habits as suspicious activities that might suggest they’re aiming for spamming or hacking efforts instead!
So decide based on what type of Captcha suits your needs better; Radius Media recommends using version 3 as it’s more secure with less intrusion than earlier versions had been providing!
After getting the API Key from Google Enter these keys in the Elementor > Settings > Integrations > reCAPTCHA options and click Save Changes.
You can also add a custom CAPTCHA to your forms, where visitors will answer word-based or math questions before submitting their information. This is great for preventing spammers from flooding in on potential leads!
Setup reCAPTCHA with elementor
In a Form Widget edit your form’s Form Fields and click on Add Item under Type choose reCAPTCHA3 and Click Save.
2. Use the Honeypot Anti Spam Method
Honeypot field helps you fight spammers, by adding a hidden field only visible to spam bots. This special code will make it easy for admins to identify whether the user is human and not an automated program looking to submit fraudulent requests on our website with ease!
When a spam bot fills in the honeypot field of an online form, their attempt will be rejected and they’ll get stuck trying again with no hope of success!
Honeypot is a great alternative as it will not bother users to go through maths and Image problems to register on your website. And the valid users will be able to register with ease and convenience.
Setup Honeypot in Elementor
To set up the Honeypot field in your User Registration Form you need to create a page and edit with Elementor.
After that, just drag and drop this widget onto any element on the fields tab of an editor window. When creating a new webpage it will show up under Content Tab > Form Fields select “Honeypots” from their Listing and update.
You can also use the WPForms plugin, it enables the honeypot method by default, so check your specific form builder’s settings in WordPress to make sure it’s enabled.
3. Block Copy and Paste In Your Forms
One way to protect your contact forms from spam is by disabling right-click functionality on the site. This will only prevent human spammers who are copying and pasting their information into our form, but it protects other parts of the website too! You’ll have an added benefit with this plugin because others can no longer steal content anywhere on your WordPress site. You can also use jQuery to block copy and paste in your forms. Simply give your form an unique id and use this code. In the place of (#code) paste your unique id, and this paste this snippet in WordPress custom js field, Which can be accessed through Customize option of your WordPress Page.
jQuery(document).ready(function(){
jQuery(‘#code’).on(‘cut copy paste’, function(e){
return false;
});
});
Alternatively, Try downloading WP Content Copy Protection & No Right Click and Disable Right Click For WP. This plugin disables right-click everywhere on your sites.
4. Block Traffic by IP Address
If you’re noticing a lot of spambot activity on your site, it might be time to block traffic from the IP addresses they’re coming from. While this will also add an extra layer of security for content on page protection and can even help keep legitimate visitors out too, use at your own risk!
- Log into your WordPress admin panel
- Navigate to Settings > Discussions
- In the Discussions page, scroll down and you will find a section called Comment Blacklist
- Copy and Paste the IP addresses you want to block
- Save Changes
To do so go into WordPress’ admin panel and add the IPs you want to block to the Comment Blacklist field on the Discussion settings page. Site owners can do this through their web host cPanel or security plugin like Sucuri.
5. Use WordPress Antispam Plugins
You can also use plugins like Akismet, WordPress Zero Spam, Antispam Bee and JetPack that will protect your entire site from spam entries. These often work independently of forms to stop comment spamming or contact submissions (typically with the latter two). They compare each submission against blacklists for words/numbers in order to block them before they even enter into any part on your website!
6. Block Website Visitors from a specific Country
Using a CDN with built-in geo tools is used to block access to certain countries. Geo-Restriction is a great way to block users in certain countries from accessing your content. By configuring either a whitelist or blacklist of countries, you can control how CDN delivers the bits only when they have permission for it! In Cloudflare you can write Firewall Rules by selecting your domain, click the Firewall tile in the app bar, and then click the Firewall Rules tab and Click Create a Firewall Rule.
Geo Restrictions are becoming more common on CDNs like Cloudflare which offers block by country code & also based on their US embargoed list too.This will help you with one of the problems on your website, but it is not an all-encompassing solution.
These are the ways you can protect your WordPress site from contact form spam. You want to be able to hear from your site visitors, but not at the high time and energy cost of spambots. Choose wisely how you do it!
To know more about CSS, Angular, Elementor, and other design-related kinds of stuff visit our Blog.