Since two weeks hour contact form on our website is being abused. When looking at the cloudflare log i don’t see anything, Then a set a firewall rule to log the form and it was from a single IP. So i blocked that, upped the firewall setting high, but fogith mode and challenge passage to 5 minutes etc etc.
So it didn’t stop now its a different IP. So i added a challenge to the form page and it seems they can can somehow pass that!
So i think they found a way around the Cloudflare challange…
Any suggestions or location i should report it?
With kind regards.