Spam emails

  • Hello, my contact form is getting hacked. I have recapatcha on the form itself and the integration using a site key and a secret key. What else can I do to prevent spam emails?

Viewing 3 replies - 1 through 3 (of 3 total)

  • Sherry22, I am having the same problem. This year (2021) seems to be the year of the hack. I do forms in php for custom sites and block about 230 IP addresses that send spam. I also use a honeypot to catch bots but I do not see such on this plugin. Wish we had better solutions or could at least offer them to the developers. I will be changing my plugin preference.

    Hello @sherry22 and @rhbaone,

    Which version of reCAPTCHA are you using?

    I am also have the same issue, using Google reCaptcha v2, we are getting the occasional blank submission. I asked the website host to look into it, this is what they came back with below. The website handles the request using the ‘wpcf7_before_send_mail’ hook and this function further checks for blank fields and sends the data to a CRM API.

    When we check the IP (23.94.28.28) against Abuseipdb.org, it looks like this IP has been known to spam contact forms before. We’ve gone ahead and blocked it from accessing your server going forward.

    It looks like this is a malformed request, as it’s getting a 404 on the site but CF7 seems to still be “listening” for the submission (which the spammers are probably aware of) and still processes the POST data despite not handling a response.

    We recommend checking with the CF7 folks to see if there is a remedy for that behavior.

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Spam emails’ is closed to new replies.