Recaptcha v3 support!


My client is currently experiencing several incoming spam emails on the daily.
I believe this is because Gravity Forms doesn’t support V3 reCaptcha.

Scott Lewis from the following post has stated something similar to myself.

I have many clients that use Gravity Forms and I would like to what the solution is to this issue?

Any information that can be provided will be appreciated.

Thank you!

We still have this open as a feature request. For now though, if you need reCAPTCHA v3 support, I believe this plugin for Gravity Forms provides it:

Thank you Chris.

I installed this plugin but my client still received spam emails.

Is there something else I could try? I wouldn’t want to switch up forms.

This was written by one of my colleagues for a license holder experiencing the same issue as you:

Spammers have been more active lately in general, the dramatic shift is not really explainable and there isn’t really any correlation from reports we’ve received in the types of spam and their methods, it is likely just a new wave of spammers hitting your site over a short amount of time and likely received positive feedback from their spam going through signaling that your site is currently vulnerable to it.

If current spam counter measures are not performing as they were or you’re receiving a higher volume of attempted spam (based on your description it is most likely the latter) you will need to add more robust spam prevention solutions. The honeypot will only catch very simple automated spam, it is the bare minimum you can use to prevent spam and will only catch fully automated spam. With the recent uptick in spamming it has been common for these to beat reCAPTCHA and the honeypot usually meaning it is manually done in some way, so most automated tools will not be a catchall solution as spamming tactics become more advanced.

Here are few additional measures you can take ranging from less extreme to more extreme, usually a combination of a couple will stop most spam from being submitted:

  • Generate v2 invisible or checkbox reCAPTCHA keys for your site, install those on the Forms > Settings page, and add CAPTCHA fields to your forms.
  • Enable the Akismet integration on the Forms > Settings page when Akismet is active. This will pass all entered data through Akismet’s spam filter. I see you already have Akismet installed, so if you’re currently using it I would recommend enabling the integration on the Forms > Settings page and if that is already active you should consider increasing the strictness of Akismet’s spam filtering.
  • You could use the following third-party perk from Gravity Wiz to set up a list of blacklisted keywords using WordPress’ commenting blacklist if the spam has any sort of common keywords:
  • Especially if the spam is coming from a foreign country most of the time, you could use Cloudflare to set up more nuanced firewall rules at a server level to stop the spammers from reaching the site entirely.
  • Require your users to log in before they can submit any forms.

I hope some of these issues will help prevent spam submissions on your site.

Hi Chris,

I’ve combined a couple of methods that was suggested on your colleagues post.
I have reCaptcha fields on my Gravity Form and have purchased a plan with Akismet and then integrated it with the form.

My client is still receiving spam emails.

Is there something I missed? What else should I be checking? Can you help me move forward?

Thank you!

© 2008 - 2019. Gravity Forms is a project by Rocketgenius Inc.