Form Restriction in SureForms 

SureForms allows you to control who can submit a form by applying different restriction rules. These restrictions help you prevent spam, limit access, or define specific conditions under which users can submit entries.

With the latest update, you can restrict submissions using various filters such as entry count, IP address, country, keywords, or login status.

How to Enable Form Restrictions

1. Open Form Settings

• Go to the form you want to configure.
• Navigate to Form Settings.

2. Access Advanced Settings

• Inside General Settings, click on Advanced Settings.
• A popup will appear showing all Form Restriction Options.

Restriction Options

1. Maximum Number of Entries

• Enable the Maximum Number of Entries toggle.
• Enter the maximum number of submissions allowed (e.g., 25, 50, 100).
• Once this limit is reached, the form will automatically close.
• Add a custom message to display when the form is no longer accepting submissions.

Frontend Behavior:
Users will see a message such as: “This form is closed as we have reached the maximum number of allowed entries.”

2. IP Based Restriction

Limit or allow form submissions based on the user’s IP address.

How it Works

• Enable IP Based Restriction from the popup.
• Choose the rule:
  • Allow only specific IPs (Only listed IPs can submit the form)
  • Block specific IPs (All users can submit except those with blocked IPs)
• Add one or multiple IP addresses (IPv4 or IPv6 supported).

Use Case Examples

• Prevent repeated spam submissions from specific IPs.
• Allow form access only to internal team networks.

Frontend Behavior: Blocked users will see a custom restriction message instead of the form.

3. Country Based Restriction

Control form access based on the user’s country using geolocation detection.

How it Works

• Enable the Country Based Restriction toggle.
• Choose one of the rules:
  • Allow submissions only from selected countries
  • Block submissions from selected countries
• Select countries from the dropdown.

Use Case Examples

• Limit submissions to a country where a campaign is active.
• Prevent spam from restricted geographic regions.

Frontend Behavior: Users outside the allowed region will see the configured restriction message.

4. Keyword Based Restriction

Block or allow submissions based on specific keywords detected in form fields.

How it Works

• Enable Keyword Based Restriction.
• Choose:
  • Block if keyword found
  • Allow only if keyword found
• Enter one or multiple keywords (e.g., banned words, product codes, event codes).

Use Case Examples

• Prevent profanity or spam keywords.
• Allow submissions only from users who know a specific keyword (like an event passcode).

Frontend Behavior: If the keyword rule is not met, users will see a restriction message and the form won’t submit.

5. Login Based Restriction

Require users to be logged in to submit the form.

How it Works

• Enable Login Required restriction.
• Only logged-in WordPress users will be able to access or submit the form.

Use Case Examples

• Member-only surveys
• Internal company forms
• Premium content submissions

Frontend Behavior: Logged-out visitors will see a message prompting them to log in before accessing the form.

6. Password Protection

Users can access the form by entering the password.

How it Works

• Enable the Password Protection toggle in the form settings.
• Set a password in the Set Password field.
• Customize the Description message shown before password entry.
• Customize the Error Message shown when an incorrect password is entered.
• Save and publish the form.

Once enabled, the form content will remain hidden until the correct password is entered.

Frontend Behavior:

• When a user opens the form URL, they will first see a password input field.
• The form fields are hidden by default.
• After entering the correct password:
  • The password screen is removed.
  • The full form becomes visible and accessible.
• If the user enters an incorrect password:
  • A validation message is shown (for example: “Incorrect password. Please try again!”).
  • The form remains hidden.
• The password screen is removed.
• The full form becomes visible and accessible.
• If the user enters an incorrect password:
  • A validation message is shown (for example: “Incorrect password. Please try again!”).
  • The form remains hidden.

Use Case Examples:

• Internal Team Forms: Protect internal feedback, HR, or reporting forms so only team members with the password can access them.
• Client-Only Forms: Share private forms with clients (onboarding, requirements, approvals) without creating user accounts.
• Event Registration (Private Events): Limit access to invite-only event registration forms using a shared password.
• Temporary or Limited Access Forms: Create forms that should only be accessible for a short time or to a specific group.

Frontend Behavior for All Restrictions

Depending on the applied restriction:

• The form will automatically close or block the submission.
• Users will see your custom restriction message instead of the form or submission confirmation.

Custom messages help you explain why the form is restricted and what users should do next.