stefano•2mo ago

for the first time I created a public

for the first time I created a public landing page which has a simple "contacts" form to get emails. Of course it uses a Convex mutation to store the data in the database. Since the mutation is completely public and requires no authentication to get called from the client, what I am worried about is potential abuse from malitious users. How should one approach this?

2 Replies

sam•2mo ago

Probably a mixture of: honeypot field (hidden) on the form, rate limiting, and depending on your hosting preference Cloudflare Turnstile or fallback to the dreaded Google Captcha.

stefanoOP•2mo ago

thanks!

for the first time I created a public

Did you find this page helpful?