Spam-Protect a Symfony5 Contact-Form with CAPTCHA
David Iwaoka / CC BY-SA (https://creativecommons.org/licenses/by-sa/4.0)
On many of our Websites we have contact forms. And recently there seems to be an elevated number of bots filling out these forms with spam data.
That’s especially a problem, when a contact form is directly connected to an Issue Tracker, that automatically generates an issue when a mail to a specified address arrives.
A possible solution for avoiding automated form-fills is using CAPTCHAs.
So, as our Symfony Websites are using contact forms built with the form builder, and I was looking for a solution without any external provider, such as
Google with ReCaptcha or Akismet, I went over to packagist, searched for the word “spam” and selected the “symfony” tag and the
result list showed the
gregwar/captcha-bundle on top of the list.
The installation was just
composer require gregwar/captcha-bundle, and after that, adding a field in the contact form
$builder->add('captcha', CaptchaType::class, ['attr' => ['class' => 'feedback-captcha']]);
That was basically it. But making it run in our very stripped-down Docker-Containers required adding the
gd extension with
docker-php-ext-configure gd --enable-gd --with-freetype --with-jpeg and
docker-php-ext-install gd in the Dockerfile.
After that - and really no more configuration (except for some CSS), we hat a running Captcha on the Website.
Link to the Symfony Bundle: https://github.com/Gregwar/CaptchaBundle