Updated March 2026
Sutrena has built-in rate limiting. Trial keys: 5 submissions per 24 hours per IP. Paid plans have higher limits but still protect against abuse.
Beyond rate limiting:
Add a honeypot field. Create a hidden field (CSS display:none) in your custom form. Real users do not fill it. Bots do. On your frontend, only submit if the honeypot is empty. Sutrena stores whatever you send, so the filtering is on your end.
Use uniqueBy to prevent the same email from submitting repeatedly.
Move to a custom form instead of the hosted embed. Custom forms let you add reCAPTCHA, hCaptcha, or Turnstile before the fetch call. Sutrena does not integrate with these directly — they run in your frontend.
For serious abuse: contact us. We can block specific IPs or patterns at the platform level.
The honest truth: no form service can completely stop determined spammers. Rate limiting and honeypots stop 95% of it. CAPTCHA stops most of the rest. The last 1% requires manual intervention.