Rating: 1 star

I’ve been interested in the Honey Pot concept for eliminating SPAM comments. I didn’t really delve into the code of this plugin to see what it was trying to do, all I know is that it is totally ineffective on several of my sites.

Rating: 1 star

I am optimistic this plugin can get better, but right now it fails to block spambots for me on 3.9.1 with the Divi 2.0 theme.

It does technically work and injects this code:

<!-- the following input field has been added by the Honeypot Comments plugin to thwart spambots -->
	<input type="hidden" id="N1KaIulBlvp509a2NJsytPMGf" name="0r65HysCNM1H7w5xP5nXTUjhF" />					</form>
							</div>

But i still get multiples spam comments a day in WP that are selling purses and all sorts of stuff.

I am happy to try it again if there is a update that takes taekvideo’s comments into consideration and really makes it less obvious. Perhaps make it all called ’email-address’ or something and hide it.

Rating: 2 stars

Just a few things…

#1
if ( ! empty( $_POST['honeypot-comments'] ) )
How would this ever execute if the id and name of your honeypot are 25 character random strings?

#2
<input type="hidden" id="'. RandomString(25) .'" name="'. RandomString(25) .'" />';
Bots aren’t really going to fill out a type=”hidden” field… that’s more of a vinegarpot than a honeypot. You should make it a textarea to entice them, and hide it from real users with css (or javascript is even better)

#3
Even if both of those are done right, some spambots will still get through because they ignore the form you send them and just POST a standard WordPress form. To block those, you’d need to change the “name” attribute of the comment textarea to something else… which is a bit of a pain to do without breaking anything but it’s possible.

Rating: 5 stars

I have been using Askimet but finding it increasingly falling behind and needing me to invest a lot of work to keep up to it. Unfortunately, sometimes I just can’t.

I started playing with different options, including looking at blocking a huge number of IPs from visiting my site (which didn’t actually cut down the number of comments I was receiving as much as I hoped and did seem to affect traffic disproportionately to the decrease in spam comments) and deleting comments direct from the database (which may have cost me some legitimate comments.)

This, so far, is working like a charm. As near as I can tell there isn’t any real server overhead for the plug in and my spam comments have fallen to zero. Of course, as soon as bots get wise to it I am in real trouble . . .