The Most Advanced WordPress Forms Plugin and Form Builder

Add Spam Protection

Last Updated:

Knowledge BaseFormsForm Building → Add Spam Protection

Formidable includes several built-in options for spam protection including a captcha and captcha alternatives. Each of the options below will stop spam by preventing the entry from being submitted if it appears to be spam.

Formidable Forms is the best WordPress Form Builder plugin. Get it for free!

Honeypot

Honeypot is a type of invisible spam protection. Normal users won't be affected by this spam protection. Suspicious submissions will be marked as spam and Formidable will prevent the entry from being submitted.

This feature is enabled by default on all forms and does not require additional configuration.

Empty field above form

If the Formidable styling is missing from the page, you may see the empty form field at the top of each form. If you see this extra field with the label 'If you are human leave this field blank', follow these steps:

  • Clear any caching from your site (i.e. from a plugin, or from your host) and then refresh the page.
  • If the issue persists, go to the Form Styler page and click the Update button.

Turn off Honeypot

To turn off Honeypot on one or all forms, use the frm_run_honeypot hook.

Akismet

Akismet saves you time by automatically detecting and preventing spam. It runs hundreds of tests on each entry and determines whether or not to allow form submission. As a result, you don't have to waste your time sorting through and deleting spam entries. Follow the directions below to set it up.

  1. Go to your WordPress plugins. Install and activate Akismet.
  2. Sign up for an Akismet API key. Akismet may require a paid subscription depending on the type of site you have.
  3. Go to your Akismet Settings and save your API key.
    Add Spam API Key
  4. For each form you would like protected, go to edit the form and click on the 'Settings' tab. Under the section 'On Submit' you should see 'Use Akismet to check entries for spam for' at the bottom of the page.
    Add Spam Form Settings
    You can set Akismet to check entries for no one, everyone, or visitors who are not logged in.

Akismet Troubleshooting

If you are seeing an error message like Your entry appears to be spam, you might have an email address or URL that is getting flagged. Please contact Akismet support. Choose the I think Akismet is catching my comments by mistake option, and they'll investigate the issue.

reCaptcha

reCAPTCHA is a script that judges whether a user is a human or a robot. You have probably seen some variation of reCAPTCHA.
Add Spam reCaptcha

CAPTCHAs are used by many websites to prevent abuse from 'bots', or automated programs usually written to generate spam. Bots cannot easily submit forms protected by reCAPTCHA. Learn more about setting up reCAPTCHA in your forms.

Comment Blacklist

In addition to Honeypot spam protection, every form submission goes through the comment blacklist checks. This not only allows you to add custom terms to the comment blacklist, but also allows several spam protection plugins to integrate without any extra effort.

To add words, IPs, or urls to your blacklist, go to the WordPress Settings → Discussion page. Add values in the Comment Blacklist box, following the WordPress instructions: One word or IP address per line. It will match inside words, so "press" will match "WordPress".

When a form submission is determined to be spam, an error message appears:
Your entry appears to be blocked spam!
or
Your entry appears to be blacklist spam!

To disable blacklist spam checks, use the frm_check_blacklist hook.

CleanTalk

Anti-Spam by CleanTalk is a cloud-based service with a firewall that helps prevent spam bots before they get access to your website. It analyzes comments on your site and determines if it's from a visitor or a spam bot. If the comment is found to be from a spam bot, they will be blocked.

Troubleshooting

Spam submissions continue

If you are still receiving spam submissions with reCaptcha installed, you may be seeing manual spam rather than automated. We have seen this happen occasionally on various sites. Manual spam attacks are much more difficult to prevent with automated spam protection. There are a few options available by combining multiple spam prevention options.

  • Add Akismet. Since Akismet is frequently updated, there may be certain IPs, URLs, or phrases that other option may not catch.
  • Check the entries for common phrases, URLs, or IPs. If you find something repeated, add it to the comment blacklist. This works well for targeted manual spam.
Categories
×

Categories

Install Formidable Lite

Using WordPress and want to get Formidable Forms for free?

This article may contain affiliate links. Once in a while, we earn commissions from those links. But we only recommend products we like, with or without commissions.

Take on bigger projects Right Now

Get the tools you need to revolutionize your workflow and architect a masterpiece. Build the most advanced WordPress forms and actually use the data you collect in meaningful ways.

Get the most advanced WordPress form plugin and the only form builder with integrated Views.

Get Formidable Forms Now

Resources

Top Features

Company