1K Spam Submissions on hubspot form in <6 hours

garrettwolfe · ‎Mar 12, 2025

I'm getting tons of spam submissions on a hubspot form on my webflow website. I'm on the free plan and I cant use the ReCAPTCHA because i need to restyle the form elements and that is only available thru an embeddable iframe. Any suggestions?

TomM2 · ‎Mar 13, 2025

Hey @garrettwolfe this is unfortunately just a drawback of having a public form on a public page. If you can't use the HubSpot provided recaptcha you'll need to implement your own validation process in some way.

Tom Mahon
Technical Consultant | Solutions Engineer | Community Champion
Baskey Digitial

Book a consultation

Did my post help answer your query? Help the community (and me) by marking it as a solution.

View solution in original post

Anton · ‎Mar 13, 2025

Hey @garrettwolfe,

checked it with a free portal of mine.

Recaptcha is possible and available in free accounts. Also it should never be restyled as it's sort of "trademark" of Google.
You should definitely add some data privacy options to your form - regardless of the spam. It could be something simple like "I have read and accepted the terms of use"...
You can add a hidden field to the form and build some sort of a so-called honeypot solution with JavaScript(usually you could do this with a workflow, but it's not available on free/starter) like "if hidden field is populated - deactivate Subscribe button".
Reason for this is following: A human will never populate a hidden field. Therefore if the system recognizes that the field is populated it deactivates the button and it's harder(not impossible) to trigger the form sending button/option.

best,

Anton

View solution in original post

Anton · ‎Mar 13, 2025

Hey @garrettwolfe,

checked it with a free portal of mine.

Recaptcha is possible and available in free accounts. Also it should never be restyled as it's sort of "trademark" of Google.
You should definitely add some data privacy options to your form - regardless of the spam. It could be something simple like "I have read and accepted the terms of use"...
You can add a hidden field to the form and build some sort of a so-called honeypot solution with JavaScript(usually you could do this with a workflow, but it's not available on free/starter) like "if hidden field is populated - deactivate Subscribe button".
Reason for this is following: A human will never populate a hidden field. Therefore if the system recognizes that the field is populated it deactivates the button and it's harder(not impossible) to trigger the form sending button/option.

best,

Anton

TomM2 · ‎Mar 13, 2025

Hey @garrettwolfe this is unfortunately just a drawback of having a public form on a public page. If you can't use the HubSpot provided recaptcha you'll need to implement your own validation process in some way.

Tom Mahon
Technical Consultant | Solutions Engineer | Community Champion
Baskey Digitial

Book a consultation

Did my post help answer your query? Help the community (and me) by marking it as a solution.

PamCotton · ‎Mar 12, 2025

Hey @garrettwolfe, thank you for posting in our Community!

Another option is to add custom validation if you can use JavaScript, or try creating a custom HTML form in Webflow for more styling control. Hopefully, one of these helps reduce the spam.

To our top experts, @TomM2 and @Anton do you have any other recommendations for the @garrettwolfe matter?

Thank you,

Pam

Lead Capture Tools