Michael Gangolf
Posted on January 22, 2023
As soon as you use a contact form in your WordPress site you'll end up receiving spam messages.
While there are some (paid) plug-ins that will verify your form with external spam databases or add a captcha it might already be a enough to block some sender names or email addresses.
This short tutorial will use the "before send" event and add some checks on your form data to prevent the form from being submitted.
Create a child theme
To add the new code we will create a child theme first so you can still update your normal theme and the code stays there.
Go to your WordPress theme folder (wp-content/themes
) and create a new folder with the same name as your current theme and add -child
at the end.
So if you use astra
it will be called astra-child
:
Next go into that new folder and add a style.css
file with this content:
/*
Theme Name: Astra Child
Description: My child theme
Author: author
Author URI: https://google.com
Template: astra
Version: 1.0
Text Domain: astra-child
*/
and then a PHP file functions.php
with:
<?php
function child_theme_styles() {
wp_enqueue_style( 'parent-style', get_template_directory_uri() . '/style.css' );
}
add_action( 'wp_enqueue_scripts', 'child_theme_styles' );
?>
After that you can select your child theme in WordPress now:
(you can add a screenshot.png if you want or extend the style.css, but it is not needed).
Add the blocker code
Now that we have a child theme and a custom functions.php
we can add the code we need into that file.
We use the before send
filter of Contact Form 7 to intercept the content before its getting submitted. The function looks like this:
function wpcf7_before_send_mail_function($contact_form, &$abort, $submission)
{
return $contact_form;
}
add_filter('wpcf7_before_send_mail', 'wpcf7_before_send_mail_function', 10, 3);
Then go into your form and check the names of your input fields:
In our example we will use the your-email
field and get that in our wpcf7_before_send_mail_function
method:
function wpcf7_before_send_mail_function($contact_form, &$abort, $submission)
{
$your_email = $submission->get_posted_data('your-email');
return $contact_form;
}
add_filter('wpcf7_before_send_mail', 'wpcf7_before_send_mail_function', 10, 3);
The last step is to do simple if checks to see if a keyword is included in the mail - if yes: don't send the mail.
function wpcf7_before_send_mail_function($contact_form, &$abort, $submission)
{
$your_email = $submission->get_posted_data('your-email');
$your_name = $submission->get_posted_data('your-name');
if (stripos($your_email, "getmorebusinessleadsnow") > -1) {
$abort = true;
return false;
}
return $contact_form;
}
add_filter('wpcf7_before_send_mail', 'wpcf7_before_send_mail_function', 10, 3);
Of course you can add more cases into the if statement or use a different field.
Now if a spammer tries to send you a mail with getmorebusinessleadsnow
in the email field it will prevent the form from being submitted.
Summary
While this method doesn't block all spam it will certainly help you if you receive the same emails all the time. It is also very easy to maintain and you don't have to add another plugin or service to your form.
Posted on January 22, 2023
Join Our Newsletter. No Spam, Only the good stuff.
Sign up to receive the latest update from our blog.
Related
February 29, 2024