How to stop contact form 7 spam in WordPress

Nobody wants to be spammed but spamming is a growing problem in WordPress, especially in contact form 7. These spam entries often contain links to scam/phishing sites. Such links can compromise the safety and integrity of your WordPress site. Here are some handy tips to stop contact form 7 spam in WordPress.

Using Google Recaptcha to block Contact form 7 spam:

Google Recaptcha is a free service that blocks spam and abusive traffic on your website. Contact form 7 has an option by using which you can integrate Google Recaptcha with your website.

google recaptcha

Steps to follow:

Step 1 –
Go to https://www.google.com/recaptcha/about/ and click on Admin console. It will ask you to login with your Google account. Once logged in click on the “+” (plus) sign. You will be presented with a screen like below –

Let’s say your website is wrebb.com, in the label, you will have to add “wrebb.com”, select Recaptcha type as “reCaptcha v3”.
In the domain name field enter your domain name like “wrebb.com”. Accept terms and click on submit, it will generate two reCaptcha keys called site key and secret key. These keys are uniquely generated combinations of alphabets, numbers, and symbols. Copy both keys for later use.

Step 2 –
Now we have to add these keys to contact form 7 on our website. Go to your website’s WordPress dashboard and click on “Contact”, which is on the left side menu. You will see a submenu called “Integration”, you need to click on that.

In the Integration section, you will see the reCaptcha option box, click on Setup integration in that box. On the next screen enter the reCaptcha keys which we have generated earlier, and click on save changes.

You are done. Now you will notice spam is reduced greatly.

Using Disallowed Comment Keys (Comment Blocklist) to block spam:

We can block spam messages being sent by blocking common words used by spammers and spambots. Contact form 7 works nicely with WordPress’s default feature Disallowed Comment Keys (Comment Blocklist)

It is quite simple to use. Go to the menu Settings > Discussion, and find the “Disallowed Comment Keys” section.

Here you can enter common spam keywords, one word per line. For example, if you add a “traffic” word, anyone trying to submit a message with the word “traffic” in the message will not be able to submit. You can add common spam words according to your needs.

To sign off

Modern day WordPress development companies prevent all types of spam or hack attempts from reaching your site. These steps will prevent the nuisance of spam mails being sent from the popular Contact Form 7 Email plugin.

Get professional expertise to get your own WordPress website. We design, develop, and maintain top quality websites.