One of our forms, which had first level protection using a hidden field, occasionally got bursts of spam submissions. Added Cloudflare turnstile as an additional layer of protection.
In the <head> section of the web page which had the form,
<script src="https://challenges.cloudflare.com/turnstile/v0/api.js" defer></script>
Inside the form,
<div class="cf-turnstile" data-sitekey="0x4OUR-SITE-KEY0-"></div>
and in the done function, handling the "failed captcha" situation -
$.ajax({
method: "POST",
url: url,
data: user
}).done(function (msg) {
// When the request is successful
if(msg=="Success") {
$('span').html('<strong>Thank you for submitting your details. We will get back to you shortly, in a week or so.</strong>');
$("form").trigger("reset");
}
if(msg=="Failed captcha.") {
$('span').html('<strong>Please resubmit after the captcha loads, checking the box to confirm you are human if necessary.</strong>');
}
}).fail(function (err, textstatus, error) {
$('span').text(textstatus);
});
Then, we need to add some back-end code. Since we're using Google Apps Scripts, this looked like:
No comments:
Post a Comment