Because WPforms' visual operation is very simple, many foreign trade websites use WPforms to create inquiry forms. However, as long as a website can submit comments, it is very susceptible to spam comment harassment. In this article, Naiba will introduce two methods to block WPforms form spam comments: through online spam verification systems, such as Google reCAPTCHA; or using a blacklist to prohibit submissions with specific content.
Blocking via reCAPTCHA or hCaptcha
Although WPforms comes with an "Enable anti-spam protection" feature by default, its blocking effect is not ideal. We can integrate reCAPTCHA or hCaptcha to achieve cloud-based blocking of bot submissions.
Integrating CAPTCHA only requires going into WPforms settings, finding CAPTCHA, and configuring the corresponding parameters. Based on Naiba's actual testing, hCaptcha verification may not work properly under certain themes. It is recommended to prioritize using reCAPTCHA for verification.
After clicking into the reCAPTCHA settings interface, you can click 'read our walk through' to get the configuration tutorial. The overall configuration is relatively simple. After completing the configuration, enter the form you created, then drag and drop the verification component onto the form to enable it.
Use a blacklist to prevent form submissions containing certain words
Compared to using cloud-based verification, Naiba tends to prefer using a blacklist method to block spam content when the volume of spam comments is not particularly high. Here we need to manually install a plugin named „
I don't like Spam!". Plugin installation method:
- Search for 'I don't like Spam!' directly in the WordPress Admin Dashboard to install;
- Click this link to downloadAfter downloading the installation package, upload and install it from the Plugins section in the WP Admin Dashboard.
This plugin supports blacklist content settings for Ninja Forms, Caldera Forms, and WPForms. After installing the plugin, go to WordPress Settings, under Discussion, find 'Disallowed Comment Keys'. Fill in the blacklist words extracted from spam comments on your website. After saving, content containing the blacklist can no longer be submitted via forms. For example, block usernames like Henryuphot, Henryinfem, or the URLs they leave.
Integrating CAPTCHA only requires going into WPforms settings, finding CAPTCHA, and configuring the corresponding parameters. Based on Naiba's actual testing, hCaptcha verification may not work properly under certain themes. It is recommended to prioritize using reCAPTCHA for verification.
After clicking into the reCAPTCHA settings interface, you can click 'read our walk through' to get the configuration tutorial. The overall configuration is relatively simple. After completing the configuration, enter the form you created, then drag and drop the verification component onto the form to enable it.