Validation Rules

Overview

Formtress lets you define field-level validation rules for each form. These rules run server-side on every submission — before any integration is triggered.

Submissions that fail validation are flagged as spam but still stored so you can review them.

Adding rules

1. Open a form in the dashboard.
2. Go to the Validation tab.
3. Add rules for specific fields.

Rule types

Rule	Description	Example
Required	Field must be present and non-empty.	name is required
Block value	Reject submissions where a field matches a specific value or pattern.	Block email containing @spam.com
Field type	Validate that a field matches a specific type (e.g., email, URL).	email must be a valid email address
Pattern match	Validate against a regex pattern.	phone must match ^\+?[0-9\s-]+$

How validation works

1. A submission arrives at the Formtress endpoint.
2. Firewall checks (e.g., IP reputation) are performed.
3. Domain allowlist is checked first (see Workspaces & Domains).
4. Formtress checks various spam signals (e.g., user agent, gibberish content).
5. Each field-level rule is evaluated.
6. If any rule fails:
   • The submission is stored but flagged as spam.
   • The response returns ok: false with an error message.
   • No integrations are triggered.
7. If all rules pass:
   • The submission is stored as clean.
   • All connected integrations fire.

Tip

You can always review spam submissions in the dashboard and mark false positives as clean. Integrations are triggered for those submissions.