Copy link to clipboard
Copied
I have a web app in which I implemented the "Allow site visitors to submit Web App items" process from the manual. It works great, however...
We're starting to get a TON of spam, which looks like an attempt to crack the site (I don't think it has been or will be successful, but...). About 4000 entries on March 1.
But since this is a Web App and not a Web Form, I don't see, nor can I find online, any method of enabling a CAPTCHA or anything. Is this possible?
Does anyone have any advice/solutions on this matter?
Copy link to clipboard
Copied
Hi there,
First thing is that web app items can only be submitted my logged in customers. So with that you either...
1. Are doing inline code and login for anonymous submissions which is a solution but not super secure.
2. You have an issue where something has been exposed and a bot or person is using login credentials to the front end part of the site and submitting those forms.
What you can do without captcha to avoid bots?
While not stopping every human interaction there is one simple step.
If you remove the form action then it is a form that does nothing. If you have that form action in say data-action="FORM action" in the form node and then on page load just for the form set the action based on that data value the form will work but most bots wont be able to submit the form.
Copy link to clipboard
Copied
I second what Liam said.
Good luck!
Copy link to clipboard
Copied
I can't mark this as "correct" yet, but I've googled this solution, have seen other examples, and implemented it on the form in question.
The form submits and works fine, I suppose time will tell if it works or not.
Thank you for the suggestion.