Easter Sale 2024


I'm receiving spam through my RSForm!Pro form!

Can you help me understand the reason for receiving spam through my RSForm!Pro form?

There are no 100% spam proof prevention methods, these are used to limit the amount of spam you can get, not to stop these entirely.

What to do:

If by any chance you're using the default Captcha Antispam, field available in RSForm!Pro, then you should be aware that this standard captcha is actually an obsolete solution available for legacy reasons, today's AI can easily bypass it.

As a GDPR alternative to the standard Captcha field, you can try using the Hashcash Honeypot Antispam instead.

Nevertheless, it is strongly advisable to implement an effective spam prevention technique within your form, given that RSForm!Pro offers a diverse range of anti-spam solutions for you to select from. For example:

  • reCaptcha v3 - beside adding the reCaptcha field in your form, you can also enable the "Load On All Pages" option so that it better analyzes your traffic to understand which parts are legitimate. In time you can try tweaking the Allowable Threshold value (this defaults to 0.5) and if your spam is still high, try increasing it to something like 0.7 as this should further help.
    •  
  • reCaptcha v2 - when using the reCaptcha v2 integration, spam will eventually get through and that's because it's so advanced they now use real people to submit forms or have a system (called Captcha farms) that solves reCaptchas v2 (while the robots fill in all the other fields). In this case, you can switch to the Invisible type of reCaptcha v2 which can be selected from the 'Size' option (Attributes tab) while editing the reCaptcha v2 field.
    •  
  • Friendly Captcha - as an alternative to reCaptcha v2, we provide the Friendly Captcha plugin which claims to be compatible with DSGVO, for more information on how Friendly Captcha handles GDPR you can consult their official docs. This plugin is commercial and needs to be purchased separately.
    •  
  • hCaptcha - another alternative to reCaptcha v2 is hCaptcha which proves to be quite effective. Find out more information on how hCaptcha works on their official docs.
    •  
  • Cloudflare Turnstile Captcha - a CAPTCHA-free alternative which proves to be effective, while ensuring your privacy. Find out more information on how Cloudflare Turnstile Captcha works on their official docs.
    •  
  • CleanTalk - an invisible protection without any captchas, puzzles or math problems. Find out more information on how Cleantalk works on their official docs.
    •  
  • Akismet - a non-invasive method of detection spam submissions. With this integration you will be able to block potential spam submissions to your form via the Akismet service. Find out more information on how Akismet works on their official docs.

Another option would be to use a script in Scripts Called On Form Process that will stop the submission if a particular word or email address is used for the submission. This is done through the $invalid variable as stated here.

For example, if your field is named 'email', you can use something similar:

    if ($_POST['form']['email']=='spammer@email.com')
    {
        $invalid[]=RSFormProHelper::getComponentId('email');
    }

There is also a 'List of Disposable Email Domains' area available under Extensions > RSForm!Pro > Configuration > Security tab, you can add here the email address you want to block When using the 'Email Address' validation in your fields, the email address will be checked against this list. If the domain matches, it will be rejected. More on this topic here

 

Was this article helpful?

Yes No
Sorry about that