Inspite of ReCaptcha some spam forms are filled

  • Resolved rjkothari2021

    (@rjkothari2021)


    4 months, 3 weeks ago

    I have a WordPress website for more than 2 years.

    For last 1 week, suddenly I have started getting 2 forms on my websites getting filled by spammers with junk values.

    1. Support Request Form (intranetssl.net)

    2. Contact Secure Network Traffic for inquiries, resellers (intranetssl.net)

    Also noticed 2 posts getting spam comments.

    In the Forminator plug-in checked Google ReCaptcha and now added hCaptcha codes also. Still problem continues.

    Surprise is that spam attack on 2 forms only out of about 7-8 forms.

    One Survey form is filled up once. User Feedback Survey – SecureNT Intranet SSL/TLS Certificate

    My setup: latest WordPress, Forminator, Sucuri, Stop Spammers, WordFence plug-ins used.

    Any clue how to stop this menace?

    One more thing. Recently we shifted from a shared WP setup (Plesk managed) to a shared virtual server with Ubuntu 24.04. Everything worked correctly for 4-5 weeks. Suddenly noticed 100% CPU utilisation and also this spam menace. Restarted server and and server utilisation returned back to 4-5%. Once again CPU utilisation shot to 100%. Restarted server. CPU utilisation is normal (4-8%). But once again spam started. Added hCaptcha to Forminator plug-in and added ReCaptcha plug-in. Still spams are coming.

    Can anyone help or give some hint to solve the problem?

    The page I need help with: [log in to see the link]

Viewing 5 replies - 1 through 5 (of 5 total)
  • Plugin Support Williams – WPMU DEV Support

    (@wpmudev-support8)

    Hi @rjkothari2021

    I hope you’re well today!

    To start with, please remember that nothing is a one-hundred-percent efficient protection against such spam. There are things that can only limit/mitigate it to certain degree.

    You mentioned that this started to happen mostly after you switched to another hosting and that’s also entirely possible. This is due to bots targeting some IP ranges more often than others and it may as well change on its own over time.

    But getting back to possible protection:

    Since you already have cpatcha added I would suggest some additional solution:

    1. in form settings additionally enable “honeypot” option; it’s a very very basic protection against spam but still adds-up to it so as a supplementary precaution it’s worth a shot

    2. add some anti-spam solution that directly integrates with Forminator; that could be CleanTalk Anti-Spam plugin or Akismet, take a look here, please:

    https://wpmudev.com/docs/wpmu-dev-plugins/forminator/#other-integrations

    3. it may be more efficient to use CloudFlare’s Turnstile instead of reCaptcha/hCaptcha but you’d need to test it, it’s different in different cases;

    https://wpmudev.com/docs/wpmu-dev-plugins/forminator/#simple-cloudflare-turnstile

    4. Since you are already using WordFence, make sure to keep an eye on logs and consider blocking IPs of the most active offenders; check with your host if you have server-level WAF/firewall and if so – better add such IPs to blocklists there rather than in the plugin

    5. Consider adding CloudFlare to the site; even their free tier can significantly decrease bot traffic (hence the spam level too) and an additional benefit is usually also a better site performance.

    Kind regards,
    Adam

    Thread Starter rjkothari2021

    (@rjkothari2021)

    Thanks Adam for your detailed reply.

    By tracking the IPs I found that they are located all over the world. I have added some of them to the Plug-ins. But, it seems to well coordinate attack. My new server is hosted on Digital Ocean. Not sure if their servers are more prone to attack.

    I could not find “honeypot” option in Forminator Settings.

    I have added “Clean Talk” plug-in. It seems good. Let me see how it goes.

    I’m checking up Cloudflare’s Turnstile. But, I don’t see any integration option for same in Forminator settings.

    Thanks any way.

    Plugin Support Nithin – WPMU DEV Support

    (@wpmudevsupport11)

    Hi @rjkothari2021,

    But, it seems to well coordinate attack. My new server is hosted on Digital Ocean. Not sure if their servers are more prone to attack.

    If the website doesn’t cater to every user and only targets any specific region, you could also check and see whether blocking any common countries from where the IPs originates helps or not too.

    https://community.cloudflare.com/t/how-to-block-our-website-in-specific-countries/637528

    I could not find “honeypot” option in Forminator Settings.

    You should find the option under the “Behaviour” tab as shared in the following screenshot:
    https://i.imgur.com/BWOLFLP.png

    I’m checking up Cloudflare’s Turnstile. But, I don’t see any integration option for same in Forminator settings.

    It requires installing the Simple Cloudflare Turnstile plugin. We already have the steps regarding this in the following documentation, is that how you have configured it?

    https://wpmudev.com/docs/wpmu-dev-plugins/forminator/#simple-cloudflare-turnstile

    Please do check and let us know if you need any further assistance.

    Kind Regards,

    Nithin

    Plugin Support Dmytro – WPMU DEV Support

    (@wpmudevsupport16)

    Hello @rjkothari2021,

    I hope the suggested tips helped.

    As we didn’t hear from you for a while, we’re marking this thread as resolved. Please feel free to reply in case you have any further questions.

    Best Regards,
    Dmytro

    Thread Starter rjkothari2021

    (@rjkothari2021)

    Cleantalk worked very well. The Spams stopped immediately. But, it was 7 day trial.

    So, I stopped cleantalk and tried Cloudflare’s Simple TurnStile plug-in. It is working like a charm. No more spam mails or posts.

    Many thanks for all the help.

Viewing 5 replies - 1 through 5 (of 5 total)
  • You must be logged in to reply to this topic.