Recently we have seen a huge increase in WordPress Spam getting thru on Contact Form 7 submit forms protected by Google recaptcha. The Google recaptcha solutions are not working as well as they used to. We have tried Google recapthca V2 and V3, invisible and checkbox. We have also tried using different WordPress Google recapthca plugins. No luck spam still getting thru.
The Google recaptcha service is working, it is blocking some spam, but there is a lot more getting thru than previously.
The spam issue also exists with the Honeypot plugin for Contact Form 7.
WordPress Workaround for Increase in Spam in Contact Form 7 protected by Google recapthca
In order to solve this spam issue we have turned on WordPress core feature for comments on post types. Then we setup disallowed comment keys. We include in the comment keys keywords, hyperlinks and spammy things like Russian language characters. This technique stops the spam for these types of patterns. Tweak your disallowed comment keys list to work best on your WordPress website.
Steps to Stop Spam
- Go to settings > Disable comments – change “everywhere” to “specific post types” and check all the boxes. Then save and refresh the page.
2. Now you will see a new link appear under settings < Discussion Discussion Settings page has a field called Disallowed Comment Keys. When a comment contains any of these words in its content, it will be put in the trash.
We receive a lot of hyperlinks in our submit form spam. In the case above we do not want to allow anyone to submit a hyperlink in our submit forms. By adding http:// and https:// to disallowed comment keys now spammers cannot submit hyperlinks.
In other cases we may want to block Russian or Chinese characters. Whatever your spammers are submitting, pick out the keyword or character you want to block to stop these kinds of messages.
э л й д ж | } .ru