One of the most common ways of WordPress website abuse is the Contact form spam. If you are using the Contact form 7 or any similar form plugin you will face the spam problem sooner or later.
The Spambots are getting better and better each year and they can pose the real problem for website owners. In this quick guide, we will teach you how to stop contact form spam for good.
How does Contact form Spam work?
The contact form spam submission is automated. It means that the person or group of people (sometimes even a company) is running software that searches the websites for forms and submits their content into the form field. These scripts are actually Spambots and they are getting advanced each year.
Spambots are faking a real visitor and some of them can even bypass simple captcha protection. This can become really annoying as you need to remove those emails manually every day.
How to STOP spambots
You can stop the spambots by utilizing Akismet, adding reCaptcha to your forms, spam honeypot, and quiz-like questions.
Akismet is created by the Automattic, the company that stands behind the WordPress with the purpose of protecting the websites from spammers. The Akismet is providing a nice level of protection for comments spam but it can also protect the contact forms.
Akismet holds the large database of knows spammers and IP addresses of spam source servers. It can be utilized along with the Contact form 7 plugin.
This plugin comes installed with the WordPress by default, you just need to activate it and enter the API key. The plugin and service are freeware, just create an account at the Akismet website and generate the API key. Then just paste the key inside the plugins setting page and you are good to go.
Adding reCAPTCHA to your forms
There are a couple of reCAPTCHA plugins available for WordPress. You can browse them at the WordPress plugin repository. Be sure to give them a try and see which one best fits into your form.
reCAPTCHA inside the Contact form 7
If you are using the Contact form 7 plugin, you don’t need to install any additional reCAPTCHA plugin. Just navigate to your WP admin -> Contact -> Integration.
Setting up reCAPTCHA inside the CF7 should be quite straightforward. You will need to visit Google.com/recaptcha and register your website. You will also need a Google Account to access this service and register your WordPress site. After you register the website you will receive Site key and Secret key. Then just paste them inside the plugin integration page and the Contact Form 7 will handle it automatically.
As an additional layer of anti-spam protection, you can add a spam honeypot trap. Honeypot will act as a trap that attracts Spambots and catch them in action. This method is useful in fighting larger spam problems as once you trap the bot, you can see their IP address and block them from accessing your website.
If you are running the Contact form 7, you can consider installing the Contact Form 7 Honeypot plugin.
Quiz-like simple questions for protection
There is also a simple yet efficient method of stopping spam on your forms. You can add a question in a quiz-like manner that asks customers to calculate some simple mathematical equations. For example, seven + 11 or 7 x twenty one and so on. Make sure that the questions are not too hard to answer as this might prevent regular customers from submitting their messages via your forms.
We can also help you with other WordPress security issues, we can offer you Malware and Virus removal for WordPress.
The Contact Form 7 plugin comes with the built-in quiz options so you can easily add the question to your contact form and stop a vast majority of spambots. You can also create different questions then just simple math equations.
You can add the quiz-like question inside your form by accessing WP admin -> Contact -> Contact Forms. Now, open your form for editing and click on the quiz item above the main form entry.
Now, set your quiz questions in the form. The pattern for adding the question is like this, the question goes first and the answer is added after the | delimiter.
These methods will definitely help you out with fighting the contact form spam. Your WordPress website will benefit from it as the website will work faster, your mailbox will be much cleaner and your server load will be reduced.