Prevent malicious injection attempts

Ask the Community General Questions
1

Hello,

I would like to request an additional security feature for the chatbot system.

Unfortunately, I was recently the victim of an attack through the chat widget involving malicious injection attempts. Even though reCAPTCHA is enabled, it does not appear to be sufficient to effectively block these types of attacks and automated spam/bot exploits.

Because of this security issue, I had to completely disable the chatbot on my website.

I would strongly recommend implementing more advanced protection mechanisms, such as:

  • Blocking malicious query patterns and injection attempts (XSS, prototype pollution, script injections, etc.)
  • Server-side request filtering and sanitization
  • AI/bot behavior detection
  • Rate limiting and anti-spam protection
  • Automatic blocking of suspicious payloads and URLs
  • Enhanced firewall/security rules beyond standard reCAPTCHA

This type of protection is becoming essential for websites exposed to automated attacks.

Thank you for your attention, and I hope this functionality can be added in a future update.

Best regards,

3

Hi there and welcome to the Community, @La_Vie_Nature :waving_hand:

Many thanks for sharing your thoughts with us!

I completely get your disappointment and I am really sorry that the widget doesn’t have built-in spam protection options now.

You’ve mentioned that you’ve used reCAPTCHA, but it’s not supported in our app. Could you please specify what’s been used as a reCAPTCHA in your case?

Anyway, we have a CAPTCHA request in the Wishlist and you can upvote it here - Add captcha.

The good news is that we have a custom solution to prevent spam in the widget. Feel free to try it out :wink: - How to stop bot spam in your AI Chatbot

4

Thank you very much for reply, i vote for Add captcha and i will see How to stop bot spam in your AI Chatbot

thank you

5

You’re very welcome!

If any further questions come up, I’ll be happy to advise :wink: