Form Protection¶
This provides various ways to help protect forms from spammers:
Honeypot¶
Based on https://github.com/elisseck/com.elisseck.civihoneypot
Flood control¶
Based on https://lab.civicrm.org/extensions/floodcontrol
ReCAPTCHA¶
- v2 "I'm not a robot" (replaces the one shipped with CiviCRM core).
- v3.
- Cloudflare Turnstile -- Setup Turnstyle keys.
If you are using the Stripe payment processor ReCAPTCHA will also be used to help mitigate card testing attacks if it is enabled.
Setup¶
Configure via Administer->System Settings->Form Protection Settings
Integration with Firewall¶
When using Firewall v1.6.0+, this extension will log FormprotectionEvents in
the Firewall, which will block a user's IP address after too many failed attempts. See the Firewall documentation for more
information.
Support and Maintenance¶
This extension is supported and maintained with the help and support of the CiviCRM community by MJW.
We offer paid support and development as well as a troubleshooting/investigation service.