FormsFort

FAQ

FormsFort frequently asked questions about public access keys, privacy, spam protection, billing, and account deletion.

FAQ

Answers for the baseline product contract. These answers document the production posture of the current Web3Forms-compatible baseline.

Do access keys need to be secret?

No. Access keys are public routing identifiers for form submission. Rotate a key if it is abused, but do not treat it like an API secret.

Does FormsFort store raw submissions?

No raw submission bodies are stored by default. FormsFort forwards accepted submissions and keeps only redacted diagnostic metadata, field names, hashes, delivery state, and request IDs.

How do I prevent spam?

Use honeypot fields, rate limits, recipient verification, captcha, exact allowed domains, server IP safelists for server submissions, and admin abuse rules.

Why is billing manual?

The baseline intentionally avoids Stripe. The dashboard still models plans, usage, upgrade requests, and admin-assigned entitlements.

Can I use server-side submission?

Yes, but it is a paid/manual feature. Configure the exact sender IP on the form and keep the request observable with request IDs.

Can users delete their account?

Users can submit a deletion request with retention acknowledgement. Operators can process deletion or anonymization after legal and abuse-prevention retention requirements.

Troubleshooting

Troubleshoot FormsFort email delivery, CORS, rate limits, captcha, server-side submissions, and file uploads.

Pro Features

FormsFort paid feature guide for captcha, CC recipients, autoresponders, file uploads, advanced uploader, webhooks, domain restrictions, and intro text.

On this page

FAQDo access keys need to be secret?Does FormsFort store raw submissions?How do I prevent spam?Why is billing manual?Can I use server-side submission?Can users delete their account?