Hi. This morning I have had two forms apparently probed, from an IP Address in the Ukraine.
In both cases, empty forms were successfully submitted, bypassing all validation and Captcha.
I am using Chronoforms V4. The forms were created with Wizard Edit.
As far as I can tell, both Validation (using the tab in the Wizard) and and Captcha (using the CAPTCHA tab in the Wizard and the Captcha input object) are correctly configured.
I'm feeling kind of worried. Do you have any ideas how the security could be bypassed to submit a form?
In both cases, empty forms were successfully submitted, bypassing all validation and Captcha.
I am using Chronoforms V4. The forms were created with Wizard Edit.
As far as I can tell, both Validation (using the tab in the Wizard) and and Captcha (using the CAPTCHA tab in the Wizard and the Captcha input object) are correctly configured.
I'm feeling kind of worried. Do you have any ideas how the security could be bypassed to submit a form?
Hi hpinson,
Client side validation only works if the user has JavaScript turned on - and most spam-bots and some spammers don't. Think of that as a help to the user rather than as any protection.
The Captcha should work, though, of course it won't block a human spammer who can solve it.
Please see this FAQ
Bob
Client side validation only works if the user has JavaScript turned on - and most spam-bots and some spammers don't. Think of that as a help to the user rather than as any protection.
The Captcha should work, though, of course it won't block a human spammer who can solve it.
Please see this FAQ
Bob
This topic is locked and no more replies can be posted.
