As the GEO blocking has now been removed (sadly).. is there a way to have the contact form monitored so if more than 3 times information entered has been incomplete or spam based content the I.P is blocked. It's just since the GEO Blocking has been removed our clients are experiencing more SPAM. We do have capture enabled but one had 169 messages in one night, that's just a few days after i upgraded the plugin to the one without GEO Blocking.. This is going to cause us issues and a headache if we can't and may have to look for a GEO Blocking Firewall to replace this with
Yes, there are some ways to avoid spam and attacks to our website.
The first setting to check is the amount of time an IP is dinamically blocked and the number of attacks to dinamically block it. This can be checked into Waf Configuration -> Lists -> IP blocked time and Max number of hacking attempts:
In the screenshot attached every IP will be automatically blocked during 60000 seconds (10 hours) if the firewall detects two attacks coming from that IP.
The second setting to check is the XSS filter. This could be a valid setting to avoid spam messages:
As you can see, the xss protection will catch all "<a" tags, commonly used in spam to add links.
With those settings you should reduce the amount of spam received.
Regarding to the removal of Geoblocking, it was not an easy decision, but we have to accomplish all privacy laws...