Prevent bot/spam form submissions

In this article:


Overview

The reCAPTCHA option is the main tool built into LGL forms to help prevent bot/spam form submissions from occurring through a form.

A threshold is in place for non-payment forms to prevent spammers from using them to send spammy emails through a form confirmation process. The threshold is applied hourly and defaults to 100, after which point no confirmation emails will be sent. The threshold limit can be increased to up to 200 per hour. 

For any non-payment form that experiences spamming, the reCAPTCHA option will automatically be added to the form if not already present. This does not apply to payment forms, since the payment must be successful for those to generate confirmation emails.

Use the reCAPTCHA option

To reduce form submissions from bots/spam, you can select one of two reCAPTCHA options for your payment form, reCAPTCHA v2 or reCAPTCHA v3. Both are Google features and are not defined by LGL but rather are standards used across many platforms to protect web sites from fraudulent activities, spam, and abuse. (Additional information about each option is available online by searching Google for a comparison of the two.) 
To set a reCAPTCHA option up, select the radio button within the "Protect with reCAPTCHA" box in the Form Settings area as you're building a new payment form or editing an existing one.

Preview your form with the reCAPTCHA option turned on

To view what this option will look like to someone who's completing the form, click on the View link next to the form on your Active Forms page:

Here's an example of how the form will look using reCAPTCHA V2:

Here's an example of how a form will look using reCAPTCHA V3: 

NOTE: This version is not interactive and displays as a badge in the lower right of the form.

For nonpayment forms only: Prevent bots from sending phishing links through your form

The confirmation email option for each LGL nonpayment form has a default hourly limit of 200 confirmation emails per hour. This is to prevent a bot from sending phishing links through your form. 

You can make changes to this default in Edit mode for any nonpayment form, as shown here: