How to prevent web to lead form spam?

I have a few web-to-lead forms on my website.

Even though I have enabled captcha, some spammers are able to directly create leads. They are somehow bypassing the captcha. I think this is a serious problem and should not be allowed. This most certainly is a security risk. Is there some back door to SuiteCRM that people can use? How do I prevent this?

Hi @binfer,

Although we appreciate our users bringing forward potential security issues and concerns we do ask for the opportunity for our security team to resolve said issues before being released publicly. As such I have unlisted this post and I ask that this and any future security concerns you may identify are handled via the process listed here - Raising Issues :: SuiteCRM Documentation

Thank you for your understanding in this matter :+1:

Just to be sure, do you want me to email the details to the listed email? Can’t I just forward the link to this page to the security team? I don’t have the screenshot saved on my computer…

Hi @binfer,

I will end up removing this message once we get an email to ensure we have complete tracking so copying your message into an email would be appreciated. In regards to the image, you should be able to right-click and save the image.

If you are unable to, this link should allow you to download it via that method.
Right click this link and open in new page

Thanks!