search

Spam Protection

hashtag
Overview

The Form Platform includes multiple layers of spam protection to prevent abuse.

hashtag
Protection Methods

hashtag
1. Honeypot Fields

How It Works:

  • Hidden field added to form

  • Bots often fill hidden fields

  • Immediate rejection if filled

Configuration:

{
  "spamProtection": {
    "honeypot": {
      "enabled": true,
      "fieldName": "website"
    }
  }
}

hashtag
2. reCAPTCHA

How It Works:

  • Google reCAPTCHA integration

  • Score-based validation

  • Configurable threshold

Configuration:

hashtag
3. Custom Rules

How It Works:

  • Field-based spam detection

  • IP-based rules

  • Email domain rules

  • Regex patterns

Configuration:

hashtag
Spam Detection Flow

hashtag
Processing Steps

  1. Honeypot Check: Check if honeypot field filled

  2. reCAPTCHA Verification: Validate reCAPTCHA token

  3. Custom Rules: Evaluate custom spam rules

  4. Heuristics: Basic spam heuristics

  5. Action: Accept, reject, flag, or quarantine

hashtag
Spam Score

  • 0-30: Likely legitimate

  • 30-70: Suspicious

  • 70-100: Likely spam

hashtag
Actions

  • accept: Allow submission

  • reject: Block submission

  • flag: Mark as spam but allow

  • quarantine: Hold for review

hashtag
Rate Limiting

hashtag
IP-Based Limiting

  • Rate limits by IP address

  • Prevents rapid-fire submissions

  • Configurable thresholds

hashtag
User-Based Limiting

  • Rate limits by user

  • Prevents account abuse

  • Quota enforcement

hashtag
Best Practices

hashtag
Configuration

  • Enable honeypot for all forms

  • Use reCAPTCHA for public forms

  • Configure custom rules for known spam patterns

  • Monitor spam detection rates

hashtag
Monitoring

  • Track spam detection metrics

  • Review flagged submissions

  • Adjust thresholds based on results

  • Update custom rules regularly

hashtag
Next Steps

  • API Reference - Submission processing

  • Security - Security best practices

PreviousData RetentionNextAuthentication

Last updated