A
A
Alexander2018-12-11 02:39:46
Fight against spam
Alexander, 2018-12-11 02:39:46

How to set up additional validation conditions for Contact Form 7 fields in Wordpress?

Hello. I am using Contact Form 7 for Wordpress on my site. Faced a problem.
Through the contact form, a sea of ​​spam of quite a certain content is pouring:
E-mail: [email protected]
Name: Evgenia (or Oleg, Nikolai)
Subject: Call back
Message: Please call back by phone ..., Evgeniya (Oleg, Nikolai)
And since I have an automatic response set up, the hoster thinks that spam is being sent from my account, and therefore blocks the mail server. Therefore, requests from customers do not reach.
The apache log shows this pattern:
Dec 10 08:11:47 ... "GET / HTTP/1.0" 200 ...
Dec 10 08:11:48 ... "GET / HTTP/1.0" 200 ...
Dec 10 08:11:48 ... "GET /contacts/ HTTP/1.0" 200 ...
Dec 10 08:11:49 ... "POST /contacts/ HTTP/1.0" 200 ...
Installed honeypot for wpcf7, no help.
IP spammers change periodically, so it makes no sense to deny access through htaccess.
I thought that if you set up an additional filter in wpcf7 itself, then this might work. I imagine a solution with the help of an additional validation condition:
If the name of the letter is "Call me back", then issue a warning "Change the subject of the letter".
I am very familiar with php. Tell me, please, how to do it? Or maybe there are some other solutions for a similar case?

Answer the question

In order to leave comments, you need to log in

4 answer(s)
A
Alexander, 2018-12-12
@Alexander-ark

I decided to fantasize with the parameters of inserting a hidden honeypot field, I called it "phone". Apparently, the bot inserts a number there, and therefore the script is blocked. I don’t know if this is what worked, or some other reason, but so far the flight is normal.

A
Alexander Sobolev, 2018-12-11
@san_jorich

You can strike a small plugin with js that catches the contents of the field, but something tells me that the scripts do not work through the UI, and we have not yet learned how to hire "Chinese". So the next solution might be a function that filters wp_mail.
Also, you can check the type of a hidden field: If it is filled and went in the request, then interrupt the execution with the 200th.
You can also hide the submit button before
conditions and after submit

L
ljutaev, 2018-12-11
@ljutaev

Another option is recaptcha, I also had the same problem. Only after the site was indexed did spam begin to fall

J
joginzbajin, 2018-12-11
@joginzbajin

Recaptcha is already v.3, invisible, don't spoil anything. Try it.

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question