Contact Form 7 is the most widely used contact form plugin for WordPress websites since it’s easy to install and most notably it’s free.
Personally, I’d rather just pay $59/year for Gravity Forms as an alternative, but if you’re on a budget, Contact Form 7 will do.
Unfortunately this commonly used contact form plugin is a often a target for spammers. If you’ve fallen victim then you’ve probably received a fair share of emails from shady SEO companies, porn sites or possibly the Nigerian prince looking to share his wealth.
Spam emails create clutter in your inbox, can affect conversion tracking data and generally just a nuisance.
To be honest, there is no solution that works 100% to combat spam however the recommendations provided in the following article will certainly make a sizable impact.
I wouldn’t recommend implementing all methods at once to try and keep WordPress installs as clean as possible and some site owners may not like how certain methods affect user experience.
1. Adding a Quiz Field
By adding a test question such as a simple math problem can stop a bot in its tracks which is programmed to fill in common form fields such as Name, Email, Phone, Message etc.
If the question isn’t answered then the form will not be submitted.
Sample questions can include: What is 15 + 4, a panda is black and ___, a dog has __ legs etc. The questions should be easy for your visitors to answer.
The following shortocode example on the right will add a question of 5+5 to a contact form. [quiz quiz-209 “What is 5+5|10”]
2. Add a Honeypot Field
The purpose of a honeypot field is to add a hidden field to a contact form.
Since bots the vast majority of bots are scripted to fill in common fields they will typically encounter a validation error trying to fill it in.
The Contact Form 7 Honeypot plugin allows you to easily add a honeypot field to your form.
TIP: Instead of using the default name for the honeypot field, rename it to include the word email so the end result of the tag should look like [honeypot email]. This may trick some bots into thinking its a common email field to fill thus causing a validation error.
3. Add reCaptcha or Invisible Captcha
Adding a captcha field is one of the most common methods used to combat email spam. Similar to the quiz field, it may ask user a challenging question, a puzzle or ask them to enter a random string of characters text into a field for validation.
While this the reCaptcha method is effective in fighting spam, some site owners may find it intrusive or not visually appealing and it may impact site performance.
There are two versions available. reCaptcha v2 is the one most people are familiar with which asks visitors a challenging question. This version also includes an Invisible reCaptcha badge which doe snot require any user interaction unless it detects suspicious traffic.
Similar to reCaptcha V2, reCaptcha v3 is the newest version which is completely invisible and works behind the scene. It detects users based on a score which may display a puzzle if the user is suspicious.
Integrating reCaptcha into Contact Form 7 may be a bit tricky for newbies.
1. You will need to generate a site key and secret key through Google reCaptcha.
2. Under the Contact Form 7 menu option select the ‘Integration’ menu option and click the ‘Setup Integration’ button.
3. Enter the Site Key and Secret Key into the respective boxes.