WordPress Contact Form with Spam Protection

UPDATE: I would highly recommend Gravity Forms from RocketGenius for a very robust form integration with WordPress!

SpamAll of a sudden, I was getting a HUGE volume of Contact Form spam using Ryan Duff’s great WordPress Contact Form plugin.

I’ve left comments on Ryan’s site and IM and told him that I was able to fix the issue by adding a Challenge Question, but I can’t seem to get in contact with him. So… here’s Ryan’s plugin with the new and improved Spam Protection. I am using it on my site and it’s working great.

The Plugin can now be downloaded via the Project Page: WordPress Contact Form with Spam Protection Plugin Project Page

Download a Sponsored Marketing Whitepaper:
7 Top Tips for a Successful Employee Communications Strategy

7 Top Tips for a Successful Employee Communications Strategy

Make it easier to cut through and break down negative perceptions about the value of an IC strategy by using these steps. Download Now


  1. 1

    I just wanted to say a HUGE thank you for this mod. I was using Dagon Design’s contact form plugin because it offered anti-spam verification but not being very skilled in matters of CSS, couldn’t make it look how I wanted. I had used Ryan’s plugin before but had been bombarded with spammers emailing me using it. My anti-spam – Bad Behaviour and Spam Karma – caught most of it but it was still a pain.

    Yours is an elegant, neat enhancement and I reckon Ryan should adopt your mod and give you co-credit for taking the plugin further in such a useful way.

    So yeah. Thank you! The contact form looks just how I want it to now. x

  2. 2

    Thanks, Andy! I was inspired by Seth Godin and the book Crypto. Seth pointed out a site (long ago) that had a 2 + 2 = 4 challenge question that never changed.

    When I read the book Crypto, one of the key pieces of it was how you could pass a piece of information between 2 people that solved a problem… without someone in the middle able to figure it out.

    The problem with most ‘spamware’ is that a computer calculates the challenge question. That’s an inherent flaw, because it will be a computer that tries to break it.

    By making the challenge question a visible aspect of my page in English, I’m avoiding the computer question and solution. And… just to make sure, I allow the person to change the question and answer any time they want.

    I think it’s a great model and I hope to put it on my comments next. I get a ton of spam on my comments but have not received a single piece of SPAM on my contact form.

    Appreciate your kind comments!

  3. 3
  4. 4
  5. 5

    Doug, you are a gentleman and a scholar! We’ve just been bombarded in the last few days with Contact Form spam and a google of the WP support forum led me straight here. I’ve installed the new plugin and it works like a charm. I’ve also hit your PayPal button in appreciation for this lifesaving plugin/modification!

    This form may end up being the single driving force behind my FINALLY getting around to updating my personal blog at joniverse.com from WP 1.5.x to WP 2!

  6. 6
  7. 7

    Simple solutions for big problems. Everything should be coded this way, not a damn 50 KB plugin with things you won’t ever use or strange features (AJAX for a Contact Form? What?).


  8. 8
  9. 9
  10. 10

    Hey. Thanks for the plugin. You rock!

    I have tried using Ryan Duff’s original WP Contact Form, but always experienced errors with my blog (granted, probably a theme conflict). And the Phrixus WP Plugin never worked either.

    What did you do? Why does it work? Why?

    Anyways, thanks man! A donation is on it’s way.

  11. 11
  12. 12
  13. 13
  14. 14
  15. 15

    Thanks for fixing it! I was looking for it all day, thinking that it may have something to do with my browser so I tried various browser with the same result.

    At one time I couldn’t get it to work, but it seems to work now! That’s great! At first, Bad Behavior blocked me from my site. I can’t believe it! It seems quite aggressive so I’ve added my own ip address to the whitelist since I couldn’t get a hold of the developer at all (all emails are bounced back).

    Hopefully I can lessen the amount of spam emails I get from the contact form. I will periodically change the challenge question to thwart those human spammers that read.

    Time will tell whether this is a good deterrant. I am keeping my fingers crossed. Thanks for the great plugin!

  16. 16
  17. 17

    Thank you thank you thank you. We had to change servers, and suddenly everything I had used for contact forms previously was shot to h. Your form works beautifully, except I needed to change the stylesheet so that the name/text area lined up in IE (it was fine in Firefox). I simply changed the .contactright to float left. I also had to change the textarea sizes to fit my blog, but that was simple. Works like a dream!

  18. 18

    You’re very welcome, Linda! I, too, have modified the actual HTML of the form for a better layout (you can see it on my contact page on this site). I actually had so many issues with cross-browser compatibility that I gave up and made a table! I know that’s supposed to be a no-no… but it looks much better.

  19. 19
  20. 20
  21. 21

    Hi Teun – the following styles are from Doug’s “wp-contactform” within the wp-contact folder. I changed just two things, I think (I can’t remember what they were!) and I added a style for the submit button. Doug – I had to change the px to ems, sorry!

    The styles are applied at the beginning of this same wp-contactform page, where you’ll see a few lines that contain lengths for the textareas. This is where you can add the style to the submit button. (I hope all this makes sense). I haven’t tested the following style changes across all browsers and all resolutions, but it seems fine in both Firefox and in IE. If you test it and find a quirk, please let me know:

    /* Begin Contact Form CSS */
    .contactform {
    position: static;
    overflow: hidden;
    .contactleft {
    width: 25%;
    text-align: right;
    clear: both;
    float: left;
    display: inline;
    padding: .4em;
    margin: .5em 0;
    .contactright {
    width: 70%;
    text-align: left;
    float: left;
    display: inline;
    padding: .4em;
    margin: .5em 0;
    .contacterror {
    border: .1em solid #ff0000;
    .contactsubmit {
    /* End Contact Form CSS */

  22. 22
  23. 23
  24. 24
  25. 25

    I have attempted to implement several contact forms, including Ryan’s.

    When I use the contact form, I get overlapping text, the name, etc is higher than the box, and the user can’t enter any data in the text box.

    Is there any way anyone could help? Here is what it looks like:


    I did make sure to clean up anything that was listed per the “if you are using a previous version” information.

    Any help would be greatly appreciated.


    Michelle Dear

  26. 29
  27. 30

    Hi Doug
    I’ve just instaled and activated your great plugin, created a Contact page, but, what need i to make for the contact form appear on my contact page, need i to insert some piece of code? and if yes, where? and or how?
    I’ve read the readme file searching by instructions, but, it’s nothing useful there.
    Sorry but i am a newby, can you explain step by step, please.

    Thank you

    Dr PennyStock

  28. 32
  29. 34
  30. 36


    I’ve tried tons of contact forms but none of them worked on Godaddy except this one!!! It totally rocks. Also, the challenge question entry on the form can handle images! Check out my website where I basically put in a captcha image in an attempt to look more professional. Truly great, thanks very much!

    • 37

      Gerald, that sounds great; I have a client looking to further secure his contact form. Would you mind sharing how you did the captcha on your page while also implementing Douglas’s improved Contact plugin?

      • 38

        Howdy Joni,

        It was really easy. Create a small captcha-type picture with a few characters just to look legit. Feel free to copy mine and upload it. Then go into the wp-admin->options->contact form.

        In the “What is your challenge question?” text box here is what I put:

        Word verification: (img style=”float:right;” src=”http://www.yoursite.com/images/captcha.jpg” border=”0″ alt=””Word verification: Please enter these letters into the text box to the right of the picture.” )

        replace “)” with “>” of course!

        Whatever the text in the image is put that into the “correct response” text box. Save by hitting “Update options” and you are done.

        If there is somehow ever a spam problem then you just change the picture and the correct response. I hope that works out for you and good luck with your client.

  31. 39

    I think WordPress is re-writing your post a bit. The code to include the contact form is similar to an HTML comment, using two ‘dashes’. The code on this site that I copied & pasted was an emdash instead! People copying and pasting will find that the emdash won’t work…

  32. 42

    Sorry to bother you guys again. The plugin is great and I have not had any spam going through unlike previously when I was using the PXSMail plugin.

    Regarding the lining up of fields for IE, I can see that someone has provided the code for the plugin but I’m not sure exactly where I should insert them in. Could anyone help? Or, what about the tables one? How different does it look like? Will the tables format eliminate the viewability problem entirely? Thanks for any input!

    • 43

      Hi May C,

      You can try either of them – it really depends on your theme on how they will look. You won’t hurt anything by copying one file with the other. If you set yourself up a new page (example: Contact), you can write your page introduction and then follow it with the form code…. Example:

      Feel free to drop me a line through this form:
      <!-- contactform -->

      That’s really all there is to it! That code will be replaced with the form when you view it.


  33. 44

    I recently upgraded 4 blogs to WP2.1, and now my contact forms are misbehaving.
    2 display ok. 1 doesn’t display at all and one displays a repeating error about an empty haystack in formatting.php.

    The contact form quick tag is not being displayed in the edit screen on any of the blogs. (And the box is ticked on all of them).

    Any ideas anyone?

  34. 45

    I have determined the haystack error is an intermittant PHP problem, so no fault of the plug-in.
    The one that is not displaying at all has a similar setup to one that IS working, so maybe one of the files is corrupt. (Will completely wipe out and re-install).
    Still don’t know why the quick tag is not displaying. (I think 2.1 might have an updated version of TinyMCE, could that be it?)

  35. 46
  36. 48
  37. 50
  38. 51