Forums

Validation and Captcha bypassed?

hpinson 14 Jul, 2014
Hi. This morning I have had two forms apparently probed, from an IP Address in the Ukraine.

In both cases, empty forms were successfully submitted, bypassing all validation and Captcha.

I am using Chronoforms V4. The forms were created with Wizard Edit.

As far as I can tell, both Validation (using the tab in the Wizard) and and Captcha (using the CAPTCHA tab in the Wizard and the Captcha input object) are correctly configured.

I'm feeling kind of worried. Do you have any ideas how the security could be bypassed to submit a form?
GreyHead 14 Jul, 2014
Answer
Hi hpinson,

Client side validation only works if the user has JavaScript turned on - and most spam-bots and some spammers don't. Think of that as a help to the user rather than as any protection.

The Captcha should work, though, of course it won't block a human spammer who can solve it.

Please see this FAQ

Bob
hpinson 15 Jul, 2014
Thanks. The FAQ is quite helpful. I guess it is possible it was a human - what was odd about the probe was it only occurred once for each form. IP's always were originating in Ukraine. Kinda scary.
This topic is locked and no more replies can be posted.