How to remove false alert ?

me too! i use WP Armour Pro – and only on autoresponder the [your-email] is listed as unsafe ( E-Mails are sent – but that error is annoying )

Hi @led69 and @guenni007,

Please read the following article related with this configiguration error: https://contactform7.com/configuration-errors/unsafe-email-without-protection/

However, if you want to disable the configuration validator, you can do it by adding this line into your wp-config.php file:

define( 'WPCF7_VALIDATE_CONFIGURATION', false );

Or this line within your child-theme functions.php file:

add_filter( 'wpcf7_validate_configuration', '__return_false' );

HI Yordan, that is a great fix. One quick question, where should I insert this line in my wp-config.php file? Can you suggest the line where I should put it or can I just add it at the very end, will that work? thanks JP

Hi Yordan, on my config file lines 86 to 89 are a series of “define( ‘…’, true or false ); just like what you suggest. I assume I put it in line 90 right after these ones, does that sound like the right place to insert this? thanks JP

Hi @joelposluns,

Sorry for not answering sooner!

Hi Yordan, on my config file lines 86 to 89 are a series of “define( ‘…’, true or false ); just like what you suggest. I assume I put it in line 90 right after these ones, does that sound like the right place to insert this? thanks JP

Yes, you can safely paste the line in that place, after this one:

define( 'WP_DEBUG', false );

Thanks Yordan, I actually went back to CF7 version 7.5.8 as a quick fix but will use this patch the next time up upgrade the plug in as I like to keep up to date with versions as they come out. So far I haven’t had any spam from the To Mail tag I have in place but I understand the vulnerability. Thanks so much for your help, I am always amazed at the generosity of participants in these forums to help us with much less technical skills. Regards JP

I always recommend keep the plugins and theme up-to-date, but I understand your point. Try not to to stay behind for long time! ??

I agree on this alert being annoying. Although the functions.php fix works, I think this is not how the plugin should handle this in the first place. Forcing your users to use some privacy-invading Google service is not very nice.

If the protection offered by popular plugins like WP Armour cannot be easily integrated, then at least make it possible to hide the warnings, for instance by clicking a button that states you’re aware of the problem and have implemented some sort of protection.

@led69, @guenni007, @sjonvugt, @joelposluns:

Ultimately, I do not recommend disabling any warning, because they are very useful and help you to configure safer contact forms, however, the plugin author just wrote this article explaining how to deactivate this warning:
Disabling only specific error types of config validator

Please note that this is not a false alert, as the post title states, but a warning to a potential security issue. If you choose to disable this warning, be aware that you are ignoring a potential insecure configuration that spammers could exploit to send spam from your site.

Our form is behind a login for employees only, so the feature is pure annoyance and no benefit here.

Hi @kickahawolfenhaut1968,

Did you read the messages above, here and here?