[Resolved] In past week (approximately) getting spam in CRED form with reCAPTCHA
This support ticket is created 5 years, 3 months ago. There's a good chance that you are reading advice that it now obsolete.
This is the technical support forum for Toolset - a suite of plugins for developing WordPress sites without writing PHP.
Everyone can read this forum, but only Toolset clients can post in it. Toolset support works 6 days per week, 19 hours per day.
No supporters are available to work today on Toolset forum. Feel free to create tickets and we will handle it as soon as we are online. Thank you for your understanding.
I am trying to:
I have form for visitors to post their projects that they are looking for development help with. It includes reCAPTCHA v2 and that is working correctly. But, in the past week or so (twice today) client has been receiving form posts filled with SPAM. I don't understand how this can happen.
Link to a page where the issue can be seen: hidden link
I can see that the reCaptcha is added to the form and appears to be working correctly.
I just happen to have seen quite a bit of talk about reCaptchas in my feed this week, the general message being that bots are becoming more sophisticated and have become better at solving reCaptchas than humans. I think that mostly relates to the what-are-these-garbled-letters type reCaptchas, but it is surely only a matter of time before they outwit the I am not a robot reCaptcha, too.
Thanks, Nigel.
But, something is not right related to CRED.
And, I noticed the form in question (Post A Project) has the following code for the CAPTCHA field:
The class and output attributes are default attributes added to many fields, and in the case of the reCaptcha field they actually make no difference. If you inspect the HTML markup inserted with and without them you will see they are the same.
And on your problem site on the front end we can see that the reCaptcha field is added correctly, the I-am-not-a-robot checkbox which is inserted as an iframe works as expected.
You could update the shortcode to insert the recaptcha field in your form so that it matches what is currently inserted, but I wouldn't expect it to make any difference, to be honest, but you can try.