Preventing spam submissions that pass validation

We've added Alphanumeric and Restrict Content validation to 5 standard fields in a contact form yet our clients are regularly bombarded with the following type of thing....

Name:
fUQZFwPGlsuRz

E-mail:
ronaldlynch2919@gmail.com

Telephone:
2850111433

Subject:
oDFdsMNgTnz

Enquiry:
ESoVIwnBgAUd

Is there a way to add validation that requires there to be at least two words, which would help the Name and Enquiry fields?
Is there a way to insist that the telephone number field starts with either a "+" or a "0"?
There's nothing we can do about the e-mail field. The details are false, but it's a legitimate e-mail format.

We don't want to go down the route of adding a CAPTCHA, or similar, just for a regular contact form. Is there anything else we could consider?
Thank you.
NJ

You could use a Regular Expression to validate more specifics like requiring a space and certain characters in the beginning of a value.

This site has a lot of regular expressions you can probably search and find the one you want if you don't know how to write your own:
https://regexlib.com/?AspxAutoDetectCookieSupport=1

You could implement reCaptcha v3... That is an invisible captcha option that doesn't require the user to do anything.

Thank you Ray.

Have had a look at reCAPTCHA v3 - https://developers.google.com/recaptcha/docs/v3 - and have bound the challenge to the form button but we are still able to just submit the same old nonsense to the form and nothing is blocked?
Form URL - https://gallowayfisheriestrust.org/contact.php

Regarding regular expressions, how do we integrate/add an additional, custom, validation using a regular expression to our existing WA Server Validations behaviour on this page?

Thank you.
NJ

Server validations has a Regular Expression type validation you can apply.

There is server side code you have to add for reCaptcha v3 that you are probably missing.

What is wrong with this Regular Expresesion?

$WAFV_Errors .= WAValidateRX(((isset($_POST["FORMname"]))?$_POST["FORMname"]:"") . "","^([A-Z][a-z]+)\s([A-Z][a-zA-Z-]+)$",true,7);

It's supposed to force a user to enter two words seperated by a space, but it doens't work:
https://www.gallowayfisheriestrust.org/contact.php

Two pages attached.
Thank you.
NJ

Regular Expressions should be enclosed in slashes like:

$WAFV_Errors .= WAValidateRX(((isset($_POST["FORMname"]))?$_POST["FORMname"]:"") . "","/^([A-Z][a-z]+)\s([A-Z][a-zA-Z-]+)$/",true,7);

I used the Regular Expression type validation in the Server validations behaviour and pasted the expression in from an example on the https://regexlib.com/?AspxAutoDetectCookieSupport=1 website, as you'd advised.

Is that an issue with the Server Validations behaviour?

Thank you.
NJ

You just have to encapsulate regular expressions with slashes. That is how regular expressions work in php.

Yes, but shouldn't the WA Server Validation insert those, when applying a Regular Expression validation?
In the WA Server Validation wizard I inserted:

^([A-Z][a-z]+)\s([A-Z][a-zA-Z-]+)$

What you're saying is that I should have entered:

/^([A-Z][a-z]+)\s([A-Z][a-zA-Z-]+)$/

...because the behaviour isn't doing it, right?

Thank you.
NJ

Adding the slashes manually allows you to add modifiers after the slashes like i, m, or u, which gives you more flexibility in your regular expression generation. The reason that we don't add the slashes automatically is the same as why php doesn't.

See: https://www.w3schools.com/php/php_regex.asp