How to Secure Your Salesforce Web-to-Lead Forms with Captcha


22/02/2024

 


 

What is the Web to Lead Form?

A Web-to-Lead form is a feature in Salesforce that allows businesses to capture lead information directly from their website. It's a form that you embed on your website, typically on a "Contact Us" or "Sign Up" page, which visitors can fill out to express interest in your products or services.

When a visitor submits the form on your website, the information they provide is automatically transferred to your Salesforce database as a new lead record. This streamlines the lead generation process by eliminating the need for manual data entry and ensuring that all leads are captured in your Salesforce environment for follow-up and tracking.

 

What is reCAPTCHA?

reCAPTCHA uses an advanced risk analysis engine and adaptive challenges to keep malicious software from engaging in abusive activities on your website. Meanwhile, legitimate users will be able to login, make purchases, view pages, or create accounts and fake users will be blocked.

 

Why should we use reCAPTCHA?

When a user fills out a web-to-lead form that includes reCAPTCHA, they are presented with a challenge that typically involves identifying objects in images or solving simple puzzles. This challenge helps to confirm that the user is indeed a human and not a malicious bot attempting to spam the form with automated submissions.

By integrating reCAPTCHA into web-to-lead forms, businesses can ensure that the leads they receive are legitimate and reduce the chances of their Salesforce database being cluttered with irrelevant or spammy entries. It adds an extra layer of security and validation to the lead capture process, enhancing the overall quality and reliability of the data collected.

 

Here's a practical guide to adding Captcha to your web-to-lead forms:

Step1: Get Captcha Keys

 

1.1 Sign up google account and open link: https://www.google.com/recaptcha/about/

1.2 Click on v3 Admin Console tab

 

 

1.3 Register a new site page will be open

 

 

1.4 Fill the form values as shown below:

  1. Label:  Write the name as you want to give
  2. reCAPTCHA type:  Choose Challenge (v2) > "I'm not a robot" Checkbox
  3. Domains: Enter your website domain where you want to add web-to-lead form

1.5 Click on submit button

 

After clicking the submit button site key and secret key will be generated.

 

 

Using these keys we will create API Key Pair record which will use to enable reCAPTCHA in the web to lead form.

 

Step2: Generate Web to Lead Form

 

2.1 In your Salesforce org, In Quick Find box search “web-to-lead”

2.2 Click on Edit button

 

 

2.3 Check “Require reCAPTCHA Verification” checkbox and Save

2.4 Click on Create Web-to-Lead Form

2.5 Select Fields

2.6 In Return URL: Insert Url where you want to redirect after form submission

2.7 Click on lookup button next to reCAPTCHA API Key Pair

 

 

2.8 Create API Key Pair record:

2.8.1 In API Key Pair Nickname = GoogleAPIKeyPair

2.8.2 In Site Key = Put site key which we generated above in google recaptcha tool

2.8.3 In Secret = Put secret key which we generated above in google recaptcha tool

 

 

2.9 Click on generate button

 

After generating the form you need to add this form on your website.

After complete setup the web to lead form will look like this.