Hi @rjkothari2021
I hope you’re well today!
To start with, please remember that nothing is a one-hundred-percent efficient protection against such spam. There are things that can only limit/mitigate it to certain degree.
You mentioned that this started to happen mostly after you switched to another hosting and that’s also entirely possible. This is due to bots targeting some IP ranges more often than others and it may as well change on its own over time.
But getting back to possible protection:
Since you already have cpatcha added I would suggest some additional solution:
1. in form settings additionally enable “honeypot” option; it’s a very very basic protection against spam but still adds-up to it so as a supplementary precaution it’s worth a shot
2. add some anti-spam solution that directly integrates with Forminator; that could be CleanTalk Anti-Spam plugin or Akismet, take a look here, please:
https://wpmudev.com/docs/wpmu-dev-plugins/forminator/#other-integrations
3. it may be more efficient to use CloudFlare’s Turnstile instead of reCaptcha/hCaptcha but you’d need to test it, it’s different in different cases;
https://wpmudev.com/docs/wpmu-dev-plugins/forminator/#simple-cloudflare-turnstile
4. Since you are already using WordFence, make sure to keep an eye on logs and consider blocking IPs of the most active offenders; check with your host if you have server-level WAF/firewall and if so – better add such IPs to blocklists there rather than in the plugin
5. Consider adding CloudFlare to the site; even their free tier can significantly decrease bot traffic (hence the spam level too) and an additional benefit is usually also a better site performance.
Kind regards,
Adam
Thanks Adam for your detailed reply.
By tracking the IPs I found that they are located all over the world. I have added some of them to the Plug-ins. But, it seems to well coordinate attack. My new server is hosted on Digital Ocean. Not sure if their servers are more prone to attack.
I could not find “honeypot” option in Forminator Settings.
I have added “Clean Talk” plug-in. It seems good. Let me see how it goes.
I’m checking up Cloudflare’s Turnstile. But, I don’t see any integration option for same in Forminator settings.
Thanks any way.
Hi @rjkothari2021,
But, it seems to well coordinate attack. My new server is hosted on Digital Ocean. Not sure if their servers are more prone to attack.
If the website doesn’t cater to every user and only targets any specific region, you could also check and see whether blocking any common countries from where the IPs originates helps or not too.
https://community.cloudflare.com/t/how-to-block-our-website-in-specific-countries/637528
I could not find “honeypot” option in Forminator Settings.
You should find the option under the “Behaviour” tab as shared in the following screenshot:
https://i.imgur.com/BWOLFLP.png
I’m checking up Cloudflare’s Turnstile. But, I don’t see any integration option for same in Forminator settings.
It requires installing the Simple Cloudflare Turnstile plugin. We already have the steps regarding this in the following documentation, is that how you have configured it?
https://wpmudev.com/docs/wpmu-dev-plugins/forminator/#simple-cloudflare-turnstile
Please do check and let us know if you need any further assistance.
Kind Regards,
Nithin
