Custom spam filter with Contact Form 7, no extra plugins needed

I have been receiving more and more spam through the contact form of one of my sites, which uses Contact Form 7. To help stop this, I created a simple custom function that blocks contact form messages that contain specific words, without any additional plugins or services.

There are several ways to deal with spam sent through Contact Form 7, but many involve yet another plugin, paid services, annoying captchas, math quizzes, etc. If you just want to stop contact form messages that contain specific words, you can add a filter in your site’s functions.php file.

For example, the latest spam rage seems to be all about “dating” sites (really?). Almost all of the spam has the same key words, which luckily are ones that nobody would actually use in a contact form for a software consulting business (and I’m not particularly looking for any dating sites as clients). The spam words that come up most for me are “dating”, “datings”, “personals”, and “singles”.

The filter code I use checks the subject line for these words, and throws a validation error and message if any of these words appear in the subject line. It’s not sophisticated, and can be easily defeated by a human, but it will stop most run of the mill spam bots.

Here is the function:

// Contact form 7 custom validation for spam in subject lines

add_filter( 'wpcf7_validate_text', 'custom_text_confirmation_validation_filter', 20, 2 ); 

function custom_text_confirmation_validation_filter( $result, $tag )
    // Add your spam words below, separated by '|'

    $spam_words = "dating|datings|personals|singles"; 

    // Specify the name of the Contact Form 7 field that you want
    // to check for spam

    $filter_field = "your-subject"; 

    if ( $filter_field == $tag->name ) 
        $your_subject = isset( $_POST[$filter_field] ) ? trim( $_POST[$filter_field] ) : ''; 
        if ( preg_match("/(" . $spam_words . ")/i", $your_subject) === 1 ) 
            $result->invalidate( $tag, "Please don't spam this contact form." ); 
    return $result; 

Change the $spam_words to match whatever words you want to use.

You will also need to replace and/or match $filter_field (which is ‘your-subject’ in the code above) to the name of the Contact Form 7 field name that you use for your subject line. You can check this in your contact form editor, like this:

Once the function has been added to functions.php and customized, you will have some basic anti-bot spam filtering on your Contact Form 7 form:

You can also use the same function to check the message body if your spam situation is getting out of hand, but it may be worth checking other options.

8 thoughts on “Custom spam filter with Contact Form 7, no extra plugins needed”

  1. Hello there, My name is Aly and I would like to know if you would have any interest to have your website here at promoted as a resource on our blog ?

    We are updating our do-follow broken link resources to include current and up to date resources for our readers. If you may be interested in being included as a resource on our blog, please let me know.

    Thanks, Aly

  2. For some reason I get an error when trying to update the function file via the Theme Editor option.

    Did you do update the file then upload it via FTP?

    Also can I paste the code directly anywhere in the functions.php file?

    I’m no PHP expert by they way lol.

    1. Hi Gerard. This is unusual. It could be related to file and folder permissions issues. It’s also possible that your WordPress installation prevents you from making changes to your current theme. This could depend on your hosting environment.

      You can place the function anywhere in functions.php, as long as it’s not inside another function.

      I should also have mentioned that once you start customizing functions.php, you should probably consider creating a child theme, otherwise your changes are likely to be overwritten by theme updates.

  3. Hii,

    This code is not working on my astra theme (funtion.php) file. i am not able to update function file in theme editor as well as through ftp then it shows error on front page. So help me to solve this problem .as soon as possible.

    1. Hi Sajan. You seem to have two different problems: 1) you can’t edit your functions.php file, and 2) you have an error on your front page. You would need to provide a bit more information.

  4. hello,

    I tried your code on my website using code snippet but I got ‘e is undefined’ error with a red x for PHP snippets ?!!

    whats the problem here

    Please advise,


    1. Hi mem. There was a typo in the code, the code formatter converted some characters into HTML entities.

      I have now fixed the code. Try again and see if it works.

Leave a Reply

Your email address will not be published. Required fields are marked *