DEV Community

Cover image for Reduce Contact Form 7 spam
Michael Gangolf
Michael Gangolf

Posted on

Reduce Contact Form 7 spam

As soon as you use a contact form in your WordPress site you'll end up receiving spam messages.
While there are some (paid) plug-ins that will verify your form with external spam databases or add a captcha it might already be a enough to block some sender names or email addresses.

This short tutorial will use the "before send" event and add some checks on your form data to prevent the form from being submitted.

Create a child theme

To add the new code we will create a child theme first so you can still update your normal theme and the code stays there.

Go to your WordPress theme folder (wp-content/themes) and create a new folder with the same name as your current theme and add -child at the end.

So if you use astra it will be called astra-child:
folder

Next go into that new folder and add a style.css file with this content:

/*
 Theme Name:   Astra Child
 Description:  My child theme
 Author:       author
 Author URI:   https://google.com
 Template:     astra
 Version:      1.0
 Text Domain:  astra-child
*/
Enter fullscreen mode Exit fullscreen mode

and then a PHP file functions.php with:

<?php
function child_theme_styles() {
  wp_enqueue_style( 'parent-style', get_template_directory_uri() . '/style.css' );
}

add_action( 'wp_enqueue_scripts', 'child_theme_styles' );
?>
Enter fullscreen mode Exit fullscreen mode

After that you can select your child theme in WordPress now:

wp select theme
(you can add a screenshot.png if you want or extend the style.css, but it is not needed).

Add the blocker code

Now that we have a child theme and a custom functions.php we can add the code we need into that file.

We use the before send filter of Contact Form 7 to intercept the content before its getting submitted. The function looks like this:

function wpcf7_before_send_mail_function($contact_form, &$abort, $submission)
{
    return $contact_form;
}
add_filter('wpcf7_before_send_mail', 'wpcf7_before_send_mail_function', 10, 3);
Enter fullscreen mode Exit fullscreen mode

Then go into your form and check the names of your input fields:

input fields

In our example we will use the your-email field and get that in our wpcf7_before_send_mail_function method:

function wpcf7_before_send_mail_function($contact_form, &$abort, $submission)
{
    $your_email = $submission->get_posted_data('your-email');

    return $contact_form;
}
add_filter('wpcf7_before_send_mail', 'wpcf7_before_send_mail_function', 10, 3);
Enter fullscreen mode Exit fullscreen mode

The last step is to do simple if checks to see if a keyword is included in the mail - if yes: don't send the mail.

function wpcf7_before_send_mail_function($contact_form, &$abort, $submission)
{
    $your_email = $submission->get_posted_data('your-email');
    $your_name = $submission->get_posted_data('your-name');

    if (stripos($your_email, "getmorebusinessleadsnow") > -1) {
        $abort = true;
        return false;
    }

    return $contact_form;
}
add_filter('wpcf7_before_send_mail', 'wpcf7_before_send_mail_function', 10, 3);
Enter fullscreen mode Exit fullscreen mode

Of course you can add more cases into the if statement or use a different field.

Now if a spammer tries to send you a mail with getmorebusinessleadsnow in the email field it will prevent the form from being submitted.

Summary

While this method doesn't block all spam it will certainly help you if you receive the same emails all the time. It is also very easy to maintain and you don't have to add another plugin or service to your form.

Top comments (0)