[Resolved] Form processing despite missing (required) file – leads to spam

[Author]

Posts

[lotharK]

Hi,
My customer has a toolset form that his website users can use to create user accounts on the website. The form has a required media field.
We get a lot of spam submissions via the form. Even though the media field is required and the spam users obviously do not attach a file, the form is processed and the users are saved.
How do spammers circumvent media file validation and can we do something about it?
Unfortunately, ReCaptcha is not an option for my customer due to GDPR reasons.
Best regards and many thanks in advance
Lothar

The URL of a (staging) copy of the page is: hidden link, the right of the two forms.
I would be happy to share access details for the site if you would like.

[Minesh]

Hello. Thank you for contacting the Toolset support.

I'm not sure what spammers use to bypass the required file field validation as well as ReCaptcha.

What if you try to use the honeypot plugin that should help you to reduce the spam.
- https://wordpress.org/plugins/honeypot/

It's interesting that they support Toolset Forms:

Automatic anti spam protection for following forms (Available in Free Version) . No setup required.

[lotharK]

Hi Minesh
Thank you for the great tip! The plugin actually seems to stop spam submissions!
Thanks again and have a nice day
Lothar