Honeypot for Spam Protection

  • Hi @munirkamal.

    I’m still struggling with the spam protection. I did configure reCatpcahe v2 but still get spam messages over the contact form. You wrote in an other thread it is related to reCaptcha.

    I’m wondering if you could add a honeypot to the forms. If you don’t know how it works, please allow me to explain: robots do fill the fields of a contact form automatically by input fields in the code. You add a hidden input field to the form. This input is only visible for the robots but not for humans. If a contact form is send and the honeypot field is not empty, it means it is filled by a robot and you can decline sending this form.

    What do you think, could you add this feature to your plugin?

    Thanks in advance!

    • This topic was modified 3 years, 10 months ago by codestylist.
Viewing 2 replies - 1 through 2 (of 2 total)

  • Hi @codestylist

    This is on the list of integrations, but, I may not commit on a timeline on when I would be able to implement it. There are already two integrations added to fight spam “akismet” and “Google reCaptcha”.

    That said, this is an opensource project and I welcome anyone willing to contribute to it.
    https://github.com/gutenberghub/gutenberg-forms

    Dear Munir,

    I integrated Gutenberg Forms now in several websites i am maintaining and i really like the Plugin very much!

    BUT Spam increased a quite lot since then!

    I have the strong feeling that the integration of Akismet does not work correctly because other form-plugins (like Jetpack) do not use reCaptcha at all and never accepted this huge amount of spam!

    Unfortunately, I cannot prove this and I have really no idea how to prove this.

    ?? I really like the easy approach that @codestylist suggested by adding a “honeypot-field” that must be kept empty.

    @codestylist I implemented the honeypot-form-field with Gutenberg Forms by adding an optional Text-field set “Pattern (RegExp)” to ^$ and “Additional CSS class(es)” to d-none. Make sure to include the following custom CSS code: .d-none { display: none !important; } to make sure this additional form field is not displayed. At least the form in the UI cannot be submitted.

    The form fields do not seem to be correctly evaluated by the backend, so submitting the form values directly to the API without JS will not be blocked. ;-(

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Honeypot for Spam Protection’ is closed to new replies.