You know what really grinds our gears? Spam bots.
We currently have two ways to protect yourself from spam bots. Captcha and the Honeypot.
UPDATE 5/5/20: We have added another security mechanism that can be used in conjunction with Cases. To prevent an IP from submitting a Web Form over and over again, website portal users can click to "Black List" the IP from the Cases detail in the Contact CRM. See article on "How do I help prevent spam form submissions?".
reCaptcha v2 and v3
When creating a new Web Form, under the Settings tab be sure to select the option for Enable Captcha.
You can also visit the Customize tab and insert the tag {bb_recaptcha} for reCAPTCHA v2 (I'm not a robot) checkbox, or {bb_recaptcha3} for reCAPTCHA v3 (Verify requests with a score)
By default, checking Enable Captcha will place the Google reCAPTCHA v2 {bb_recaptcha}code on your form. Your website visitors will be required to physically checkoff that box. Or, if using reCAPTCHA v3 (no checkbox) which allows you to verify if an interaction is legitimate without any user interaction. You can simply change the tag to {bb_recaptcha3} depending on which you prefer.
Multiple Web Forms on same page
In order to use reCAPTCHA on pages that have multiple forms, it is required to use reCAPTCHA v3. So be sure that {bb_recaptcha3} is located before the Submit button on your form under the Customize tab.
Honeypot
Spam bots tend to look for all the <input> fields in a <form> and automatically fill in all the values with their spammy nonsense. We provide a very simple feature that creates a hidden form field that is only visible to bots. Since it's a regular input field, the bot will automatically fill in a value. If we detect the hidden field is trying to be submitted, then we reject the entire submission.
To implement this feature, edit your Web Form code by navigating to the Content > Web Forms > Your Web Form > Customize section.
Place the {bb_honeypot} anywhere within the <form></form> element.
