The following modules provide differing spam blocking options to prevent spam form submissions on your Drupal 7 site, review these and implement a solution that would best suit your site and the type of spam you're receiving:
- https://www.drupal.org/project/fbip
- https://www.drupal.org/project/honeypot
- https://www.drupal.org/project/captcha
Some notes of caution with these modules:
- Honeypot: This has a time-based session variable that can make pages uncacheable. If you don’t use the time-based setting, cache should be unaffected.
- CAPTCHA: Take care with the CAPTCHA module, because it can also bypass the cache (causing increased website load).
The CleanTalk module (and associated service) provides protection against human generated spam (as apposed to automated spam bots):
Longer term solutions include Acquia Cloud Edge, which can assist in protecting against issues like this. Acquia Cloud Edge is powered by Cloudflare and delivers advanced (D)DoS protection and CDN services. This is also a much more scalable solution than manually blocking IPs during or after an event.