A hosting site I use was breached and a landing page form is hacked. The hack does not affect my other domains or their forms.

I have reset .htaccess, swapped out the email address I use for the form, changed the PHPMAILER_master with the original, and put in a honeypot script. The hacks (bogus info coming to the email address on the form) stop for a bit, then continue in 3 to 2 minute intervals. Any ideas to handle this?


Please expand on this. If you put up a form and someone writes a bot to send you garbage, that's not a hack job and not a hacked web page.

You may have to add some other verification to stop the garbage delivery.

landing page form is hacked

Why would you say it is 'hacked'? What happened? With more information we can assist; right now the question is very general, with tons of possible options to solve.

I have reset .htaccess, swapped out the email address ....

The problem might be in your landing page code and not elsewhere, again, information is key.

bogus info coming to the email address on form, stops for a bit then continues in 3 to 2 minute intervals ...

What exactly happens and when, what info, etc.?

Many bots are able to get around honeypots and CAPTCHAs. Try using a different honeypot as well as captcha. The latest version of ReCaptcha might not be good enough on its own anymore.

I have lots of online submission forms. Most of them get real submissions but there's a few (1 or 2 or so out of a total of about 20-30) that I get those bogus garbage submissions. I'm in the process of upgrading ReCaptcha/php 7.4 to ReCaptcha 3/php 8.2. The form(s) in question haven't been upgraded yet but after that's completed, if the bogus submissions stop then that means ReCaptcha 3 works better than ReCaptcha (c. 2017). I can keep you posted on what I find after that upgrading.

Why not give us the URL of the page in question? Then someone might spot a weakness in the code that lets spammers through.

  1. Review the form's code: Inspect the form's code thoroughly to ensure there are no vulnerabilities or backdoors that the attackers might be exploiting. Look for any suspicious or unexpected code injections, unusual form actions, or hidden form fields.

  2. Implement input validation and sanitization: Make sure the form has proper input validation and sanitization mechanisms in place. Validate and sanitize all user-submitted data to prevent malicious code from being executed.

  3. Check for server-side vulnerabilities: Assess the server-side components, including the PHP code, for any potential vulnerabilities. Ensure that you're using the latest and secure versions of the libraries, frameworks, and plugins involved.

  4. Update all relevant software: Keep your CMS, plugins, themes, and any other software used on your hosting site up to date. Developers frequently release security patches and updates to address known vulnerabilities, so installing these updates promptly can help protect against potential exploits.

  5. Monitor server logs: Check your server logs for any suspicious activity or patterns related to the form submissions. Look for repeated IP addresses, unusual user agents, or any other anomalies that might indicate malicious behavior. This information can help you identify the source of the attacks and take appropriate action.

  6. Consider a Web Application Firewall (WAF): Implementing a WAF can provide an extra layer of protection by filtering out malicious traffic and blocking potential attack vectors. It can help detect and block various types of attacks, including form abuse and injection attempts.

  7. Contact your hosting provider: Inform your hosting provider about the breach and the ongoing issues you're experiencing. They may have additional security measures or advice to offer. They can also assist in investigating the breach and ensuring the overall security of your hosting environment.

  8. Report the breach: If you haven't already done so, report the breach to the appropriate authorities or your local law enforcement agency. They can guide you on the necessary steps to take and help investigate the incident.

Remember, it's crucial to have a comprehensive security plan in place to prevent future attacks. Regularly review and update your security measures, educate yourself on the latest security practices, and stay vigilant to protect your website and user data.
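Step 5 of the checklist above (monitoring server logs for repeated IP addresses and unusual user agents) can be automated. The following is an added example, not code from the thread: it assumes access logs in the common "combined" format and a hypothetical form handler at `/contact.php`, and reports clients that POST to the form repeatedly, along with the median gap between their submissions.

```python
import re
from collections import defaultdict
from datetime import datetime
from statistics import median

# Constructed sample lines in Apache/Nginx "combined" format; the handler
# path /contact.php and all addresses are assumptions, not from the thread.
SAMPLE_LOG = """\
203.0.113.7 - - [12/Mar/2024:10:00:05 +0000] "POST /contact.php HTTP/1.1" 200 512 "-" "python-requests/2.31"
198.51.100.4 - - [12/Mar/2024:10:01:10 +0000] "GET /index.html HTTP/1.1" 200 4096 "-" "Mozilla/5.0"
203.0.113.7 - - [12/Mar/2024:10:02:35 +0000] "POST /contact.php HTTP/1.1" 200 512 "-" "python-requests/2.31"
198.51.100.4 - - [12/Mar/2024:10:03:00 +0000] "POST /contact.php HTTP/1.1" 200 530 "https://example.test/" "Mozilla/5.0"
203.0.113.7 - - [12/Mar/2024:10:05:05 +0000] "POST /contact.php HTTP/1.1" 200 512 "-" "python-requests/2.31"
203.0.113.7 - - [12/Mar/2024:10:07:40 +0000] "POST /contact.php HTTP/1.1" 200 512 "-" "python-requests/2.31"
"""

LINE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "(?P<referer>[^"]*)" "(?P<agent>[^"]*)"'
)

def suspicious_posters(log_text, form_path="/contact.php", min_posts=3):
    """Return {ip: report} for clients that POST to the form repeatedly."""
    hits = defaultdict(list)
    for line in log_text.splitlines():
        m = LINE.match(line)
        if not m or m["method"] != "POST" or m["path"].split("?")[0] != form_path:
            continue  # skip malformed lines and anything that is not a form submission
        ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
        hits[m["ip"]].append((ts, m["agent"], m["referer"]))
    report = {}
    for ip, events in hits.items():
        if len(events) < min_posts:
            continue
        events.sort(key=lambda e: e[0])
        gaps = [(b[0] - a[0]).total_seconds() for a, b in zip(events, events[1:])]
        report[ip] = {
            "posts": len(events),
            "median_gap_s": median(gaps),
            "agents": sorted({e[1] for e in events}),
            # Heuristic: a browser submitting the page's form normally sends a Referer.
            "no_referer": all(e[2] in ("", "-") for e in events),
        }
    return report

if __name__ == "__main__":
    for ip, info in suspicious_posters(SAMPLE_LOG).items():
        print(ip, info)
```

A steady median gap of a couple of minutes from one address, with a scripted user agent and no Referer, is the pattern to hand to the hosting provider or feed into a rate limit or block rule.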

If someone uses a browser with JavaScript deliberately switched off, they will totally bypass your Spry validation scripts, and the reCAPTCHA script as well. Spry is antique code from about 2005 anyway, and some posts I saw elsewhere from about 8 years ago say it was considered useless even then.

The only JS files are your Spry and reCAPTCHA scripts; the only PHP file is your email script.

So unless your host has confirmed a hack, forget the idea that your host and site were hacked, as there is no extra code added to the page that would do anything.
