TransWikia.com

Prevent internal users from using production web-to-lead form to create test data in prod

Salesforce Asked by Tyler Zika on January 14, 2021

There are production users going to our company site and using our web-to-lead form to create data. This is a problem because there are times we don’t know what are real leads, and which ones are tests. Is there anyway to lock the web-to-lead form down? Can we detect the I.P. address of who is submitting the form?

One Answer

Sure, you could lock it down on your server. Your server knows the IP address of the visitor, so you could prevent it at the server level directly. Or, with a minor tweak, you could write an IP address to a hidden field in the web-to-lead form, and make a validation rule in Salesforce. Other options are also possible, but any solution you want to use will require updating the server code, not necessarily Salesforce. Also, keep in mind that Web-to-Lead can be used by anyone if there's an exposed org ID in the source code, so if you're going to do this, I suggest including some sort of additional validation in the form of a "magic value" that can be validated by Salesforce but can't easily be predicted by a person. Again, this needs either server or client-side code outside of Salesforce.

Answered by sfdcfox on January 14, 2021

Add your own answers!

Ask a Question

Get help from others!

© 2024 TransWikia.com. All rights reserved. Sites we Love: PCI Database, UKBizDB, Menu Kuliner, Sharing RPP