Uniform spam problem



There is a uniform contact form on one of my pages that keeps receiving spam, even though I implemented the required code.
Since there is even another form on the same website - the only difference is that it is not called a contact form - I am honestly clueless about what the problem might be. The plugin folder is intact and Honeypot and CSRF are drawn correctly on the website - that is, they are actually there.

I’d post some code, but I have no idea where the problem could be to begin with.
Is there anything I am missing? Do I have to implement something more?


The honeypot doesn’t prevent spam in general, it only aims to prevent auto-filling of forms by bots etc. that fill in any field and thus go into the trap. So if it is real people filling the form, there is no real way to prevent that unless they are coming from an IP range you could generally block. And more clever bots probably won’t go into the honeypot either…

Check if you really need the form. Do you get real messages through the form at all? If not, remove the form.

You could of course implement Captchas or quizzes, to discourage people to fill in the forms (might also stop real contact from filling in the form though).

Or analyze the spam messages:

  • are they very short? (=> implement minimum character count)
  • do they contain typical words (=> check content for words)