Spam can take many forms, including unsolicited emails, comments on blogs, social media posts, or form submissions on websites. If spam could step out of the virtual world and into reality, it would be the uninvited guest who crashes your party, eats all the snacks, and leaves a mess behind.
Just as you need allies when you go out, you also need a united team to fight spam effectively. Ninja Forms is on your team, so get ready to win the battle against spam with built-in antispam features for your WordPress forms!
Table of contents
1. Anti-Spam field
The Anti-Spam field serves as a unique spam filter that is used as a form of math verification. You can find the Anti-Spam field under the Miscellaneous Fields. This is a free field and case-sensitive, so we recommend using simple math questions.
The Anti-Spam field can be only answered by a person as spam bots have typically a hard time answering simple arithmetic questions like “What is 8+3?” because they usually rely on more sophisticated algorithms or pre-programmed scripts rather than solving problems.
Once you add the Anti-Spam field to your form, it is based on question-answer. Our question is “What is 8+3?” The correct answer is 11. Make sure the question is easy to understand, as the person who submits the form must answer it exactly as your answer.
In the example below, we used a Placeholder text to let the user know he needs to answer the question correctly to successfully submit the form.
If the answer is incorrect, the form will not submit and the error message will show up.
If you’d like to customize this error message “Please correct errors before submitting this form”, navigate to the Advanced tab next to the Emails & Actions tab and click Display Settings.
There, you will find multiple settings under the Advanced section. Find the “Please correct errors before submitting this form” and type in your customized message.
Additionally, if you want to reinforce this field, you can use the Restriction settings if you have the Developer mode enabled.
Using the Restriction settings, you can limit the number of characters entered into the field. If we enter only one number, we still have one character left. However, it will not allow us to type in more characters.
If you are experiencing spam submissions using the Anti-Spam field, there might be more advanced bots that use techniques to bypass such checks. That’s why many contact forms use more complex anti-spam measures, like Captchas.
Ninja Forms integrates with Captcha by BesWebSoft, hCaptcha, and many more, but the one that is built-in within the Ninja Forms plugin is the Google reCAPTCHA.
2. Google reCaptcha
Google’s reCAPTCHA service is an additional layer of protection from malicious activity such as contact form spam, brute force login attempts, or eCommerce carding attacks. There are two versions of reCAPTCHA, v2 and v3.
You can find the reCaptcha field under the Miscellaneous Fields. The version that will show in your form plugin depends on the registration of your site you did with Google to receive your site key and secret key.
While you can integrate Ninja Forms with both versions of reCAPTCHA, we recommend using the reCAPTCHA v3 since this version does not require any interaction from individuals filling out your forms.
The v3 version solves the problems of accessibility, convenience, and conversion. It is invisible so it frees up many accessibility issues that visually impaired users face when visiting websites, aka seeing that reCAPTCHA v2. Also, since users are not interrupted when filling out your forms, it won’t affect your conversion rate.
To add reCAPTCHA v3 to your WordPress form, you can follow our step-by-step tutorial. To troubleshoot any errors with reCAPTCHA, check the Why reCAPTCHA Isn’t Working on Your WordPress Form.
3. Honeypot built-in spam protection
The Ninja Forms free core plugin already comes with the Honeypot. You don’t need to install or set up anything in Ninja Forms to use this anti-spam protection. The Honeypot feature is already built-in in our form plugin.
But what the Honeypot is, you ask? Just as a honeypot attracts bees with its sweet contents, a honeypot in spam protection is designed to trick spam bots into interacting with the hidden field.
The Honeypot is an invisible field that’s present in all your forms but real humans don’t see this field. So, if the honeypot detects that the invisible field has been filled out, the form submission was 100% created by a spam bot. In this case, the Honeypot will reject the form submission and you can keep your submission data clean. Yay!
Explore more ways to stop spam in WordPress!
Have you tried all the techniques mentioned above to fight WordPress form spam but are still getting spam submissions? Then, you can try probably the most popular anti-spam plugin in the WordPress space— the Akismet Anti-Spam plugin. To learn. how to integrate it with Ninja Forms check our documentation here.
If you are looking for more Captcha-style anti-spam measures for your forms, our core plugin integrates with Captcha by BesWebSoft, hCaptcha that complies with privacy laws in every country, including GDPR, LGPD, CCPA, and more.
Additionally, you can check the anti-spam service by CleanTalk that does not require completing any Captcha challenges, questions, or puzzles.
Other anti-spam solutions that offer powerful protection against spam are Zero Spam for WordPress, OOPSpam, or Titan Anti-spam & Security plugin.
The Cloudflare Turnstile is becoming very popular lately but at this moment, we don’t have an integration. If you’d love to see this free CAPTCHA replacement integrated with Ninja Forms, let us know in the comments below!