Several spam entries have come through our contact form which goes directly to our members, and they contain links to porn sites and very crude porn language… F### C### {do things to my…} … you get the idea!
We have CAPTCHA + Anti-spam honeypot already installed on these forms.
Any ideas on how to prevent this?
It’s a bit embarrassing!
Install / active the free plugin Gravity Forms Zero Spam by the fabulous people at GravityView. It’ll stop automated spam dead. The spam will pile up in a Spam folder in your entries, but no notifications will be sent.
There are too many ways to handle the spam problem. Gravity Forms provides some hooks that allow developers to handle spam in a way that works best for them. Plugins provide a range of ways to handle that challenge.
Because basic honey pot fields and reCAPTCHA are so heavily used, automated spam systems have developed ways to avoid them. If you want to stop automated spam now, you need to add something that goes beyond the built-in mechanisms – and plugins provide various different approaches to that.
Systems that use recognised patterns of spam are common, and Akismet is a prime example of them. There is an add-on for Akismet included in all Gravity Forms licences, so it’s effectively free. You need an Akismet account, so you end up paying there.
Blocking unwanted words using a block list is another simple approach. It stops warm body spammers as well as automated ones, but only when they exactly match the block list terms. I wrote such a block list add-on for Gravity Forms, it’s not hard.
But that Zero Spam add-on will beat them all for stopping automated spam. It uses a very simple trick that is hard for automated spam systems to accommodate, and in my experience blocks 100% of automated spam – all the spam I’ve seen get passed it has been entered by a warm body at a keyboard. It’s very light weight too.