Gravity forms security steps
All forms that submit data should be protected from bots. Bots can flood the entries or your email box with needless spam. There is a cost to every email sent from gravity forms. Behind the scenes we protect against spam bots by running filters that remove unwanted entries from spam bots, but this only does so much. In order to keep your forms secure we ask that you add a captcha and enable the honeypot.
Captcha
Captcha is a type of test that tries to detect a robot. It stands for “Completely Automated Public Turing test to tell Computers and Humans Apart”. Gravity forms has a captcha field, which can be dragged and dropped from the add fields tab. We recommend putting the captcha near the bottom of the Form by the submit button.
Form Honeypot
A honeypot is an invisible field that only a bot should see. If this field is filled in that entry is either not created, or is creamed and marked spam. We recommend to never create an entry from this data. The honeypot can be enabled in the form settings all the way at the bottom of the page.
Restrict to UNC users (optional)
If you plan to only allow people from the UNC community to submit entires to your form, you can enable “Require user to be logged in” in the form setting. This means only people with an ONYEN will be able to submit entries to your form. This will protect your form from bots until UNC starts admitting bots as students. To enable, in the form settings under Restrictions, check the box next to “Require user to be logged in”
We recommend adding an easy way for your users to login by adding the following to the “Require Login Message” text area