Spam / Junk mail is a problem that all website owners have to deal with. The harsh truth is that if you have any kind of forms collecting information from site visitors, you’re likely to receive spam emails (spam) in the best case scenario, and a lot of spam in the less favorable case.
The spam phenomenon is a major issue even when the forms don’t provide any value that could be of interest to spammers. In general, spammers try to use the same forms to promote their business or website, and even for more malicious purposes. Blocking spam can be a productive and important action that saves you from those annoying troubles.
To protect the forms on your website, you need to make it difficult, to the point where it becomes nearly impossible for any automated tool to fill out and submit the form/response.
All of this should be done while ensuring that users and visitors to your site don’t experience any negative impact on their user experience, and that submitting the form remains as easy as possible for them.
This action requires a certain balance between user experience and form security. When you work with forms without an add-on (such as a management system), securing forms and responses might be somewhat tedious.
Luckily, we work with WordPress, which allows us to prevent spam in comments and forms using plugins and third-party services in a simple manner.
In this guide, we will demonstrate how to prevent spam in Contact Form 7 using the Akismet Anti-Spam plugin. The use of Akismet is free for non-commercial sites, but for commercial sites, you need to pay a fee of around $5 per month, which is definitely worth the investment.
Preventing Spam in Contact Form 7 using Akismet
So, as mentioned, spammers target anything they can, including Contact Form 7. The Contact Form 7 plugin provides several ways to prevent spam, and its integration with the Akismet Anti-Spam plugin is an important step in the prevention strategy.
The first thing to do is to enable Akismet. The Akismet plugin comes pre-installed with WordPress, so you just need to activate it and set up your API key from WordPress.com, which is managed by Automattic, the same company that manages Akismet.
To get your API key, you need to be registered on WordPress.com. It’s a straightforward process: sign up through Akismet and grant it access to your WordPress.com account when prompted. After that, the following window will appear:
Click on Add Personal Subscription. In the next screen, slide the slider to the left if you don’t want to donate money to Akismet and click on Create Subscription. Add your site using the Add Site button without the site prefix, meaning without https
or www
.
Once you’ve done this, simply copy the API key and go to WordPress Dashboard > Settings > Akismet Anti-Spam, enter the key in the requested field, and save it.
If you have the Jetpack plugin installed, which is also developed by Automattic, you can access Akismet through Jetpack > Akismet Anti-Spam.
Adding Akismet to Contact Form 7 Fields
The next step is to configure the Contact Form 7 fields to work with the Akismet service. Go to the edit screen of the Contact Form 7 form and add the Akismet options to the relevant fields in the form:
1. akismet:author – Add this option to the field that collects the sender’s name.
[text* your-name akismet:author]
2. akismet:author_email – Add this option to the field that collects the sender’s email.
[email* your-email akismet:author_email]
3. akismet:author_url – Add this option to the field that collects the sender’s URL, if such a field exists.
[text your-url akismet:author_url]
Note: Add these options directly after the relevant parameter, immediately after the your-name
parameter for example. For illustration purposes, the following code will show an error (configuration error) in the form:
[text* your-name placeholder "Name" akismet:author]
[email* your-email placeholder "Email" akismet:author_email]
In any case, when any of these options are embedded (it’s recommended to add all of them for more accurate results), the Contact Form 7 plugin will send all the information of the form sender to Akismet.
Akismet will check this information against its database and decide whether this submission is classified as spam or not.
If it’s decided that the email is spam, Contact Form 7 will cancel its submission and display an error message on the screen in the style of “Message sending failed” with an orange border (default).
If you’ve followed all the steps in the guide, you can check if Akismet is working properly by sending viagra-test-123 as the sender’s name.
Does it work or not? Share in the comments… In any case, if you can access Akismet in the WordPress control panel, you can view statistics regarding the number of comments or form submissions that were blocked by the plugin.
Summary
I must say that the Akismet plugin works excellently and rarely misses. Simply install it, add your API key, and forget about spam on your WordPress site.
When you work with a client, change the form’s email to your own and perform the “Viagra test”. If everything works fine, change the email back, and you have another satisfied client.
One thing that might not be obvious and I mentioned it is that once you’ve added the Akismet API, it will also filter comments on your WordPress site, without any additional intervention from you.
By the way, you can prevent spam in another way. Take a look at the article How to Prevent Spam and Junk Mail in Contact Form 7 using reCaptcha.