How to Secure Your Website Forms (And What to Do If You Receive an Abusive Message)

Receiving an abusive message through your website can be deeply upsetting - and for small businesses or freelancers, it can feel personal. Your contact form should be a safe way for people to reach you, not a tool for harassment.

The good news is that you can protect your website, secure your forms, and take action if someone sends harmful content.

This guide walks you through practical steps, legal protections, and emotional support strategies.

Why Website Forms Need Protection

Contact forms are often misused by:

• Trolls

• Bots and spam systems

• People hiding behind anonymous emails

• Individuals with malicious intent

Without proper security, anyone can send abusive or harmful messages directly to you.

Step 1: Add Security Features to Your Contact Form

Whether you're using Wix, JotForm, or another platform, make sure the following are enabled:

✔ Add CAPTCHA / “I’m not a robot”

This blocks most automated spam and bot submissions.

✔ Log IP Addresses

This helps identify where messages come from. Many platforms will include the IP address in your email notifications.

✔ Use Email Verification

A “confirm email” field or automatic validation helps reduce fake details.

✔ Enable Word or Email Blocklists

Useful for preventing repeated harassment.

✔ Keep Submissions Stored Securely

This ensures you can provide evidence to authorities if needed.

Step 2: What to Do If You Receive an Abusive Message

If a message is distressing, threatening, or abusive, follow these steps immediately:

1. Screenshot everything

Record:

• The message text

• Form submission details

• Date and time

• IP address

• Any associated email or name

2. Do NOT respond

Engaging can escalate the situation.

3. Report it to the police

In the UK, online abuse can be a criminal offence under:

• Communications Act 2003 (Section 127)

• Malicious Communications Act 1988

• Protection from Harassment Act 1997

Police can trace IP addresses, even when someone tries to hide.

Where to report:

• Scotland: www.scotland.police.uk

• England/Wales: www.police.uk

4. Notify your website platform

Wix, JotForm, WordPress, and others can block IPs or investigate abuse.

5. Strengthen your form security

Once you've received abuse, tighten all protections.

Step 3: Look After Your Emotional Wellbeing

Online abuse can trigger anxiety, shock, or old trauma - especially if it feels personal.

If you feel shaken:

• Step away from your device

• Take time to calm your body (breathing, grounding, a walk, etc.)

• Talk to someone you trust

• Return to documenting the message when you feel ready

It is completely normal to feel emotional after receiving harassment.

Step 4: Consider More Secure Contact Options

If unwanted messages continue, you can:

✔ Use a popup or embedded JotForm with added security features

Helps reduce attention to the form.

✔ Add stricter verifications

Such as reCAPTCHA v3 or hidden honeypot fields.

✔ Replace open contact forms with:

• A booking system

• A login-required member form

• A support ticket system

• An email link with filters

These dramatically reduce anonymous harassment.

Is Website Form Abuse a Crime?

Yes. In the UK, sending messages that are:

• threatening

• abusive

• grossly offensive

• intended to cause distress

…can be a criminal offence, even if sent once and even if no reply is made.

The police can investigate, and you have every right to report it.

Final Thoughts

Your website should be a safe place - not a gateway for harassment. By securing your contact form and knowing your rights, you protect both your business and your wellbeing.

If you receive an abusive message:

Document → Secure → Report → Protect yourself.

You are not alone, and you deserve safety and respect online.