Ryan

Hi all, the current (1.14.1) version of honeypot doesn’t utilize CF7 spam system (and thus doesn’t get reported as spam in Flamingo – as Flamingo uses that). This is being corrected in the new version of Honeypot that is expected out in the next couple days.

It will have the ability to store the honeypot field in Flamingo as desired.

EDIT: I just realized the OP is specifically asking if Honeypot items get saved as “spam” in Flamingo. This currently isn’t the case, as Honeypot simply validates and refuses to send (thus no saving in Flamingo). However, CF7 introduced a spam function a while back that handles all this differently, and Honeypot will be using that going forward, so stuff that gets caught with Honeypot will be saved as spam items in Flamingo (though Flamingo auto-deletes these after 30 days by default).

• This reply was modified 3 years, 9 months ago by Ryan.

Hi @dikkker – I checked the form, and can’t understand why it would be triggering. I am working on a new update for the plugin that should be out later this week. If you’re able, I recommend disabling the honeypot for now, and watch for an update in a few days. At the very least, the new version has better options for analyzing what is happening, so it might help to get to the bottom of things.

FYI, you can view any HTML element on the page by right-clicking and selecting “Inspect” (or something to that effect – it’s a bit different in different browsers). You could then view the honeypot field and see if a value is somehow being added to it (it should be empty).

More soon. I’ll leave this topic open for now, and update here when I’ve released the new version.

Could the browser be auto-completing the honeypot field? You should be able to use the browser’s inspector to see if the browser is inserting a value in the field.

Strange. The only way I could recommend debugging this would be to disable all other CF7 plugins, and checking if the field is there. Then re-enabling the other plugins one by one and checking each time. That said, if you’re using ReCaptcha, using honeypot as well is a bit redundant.

I’m sorry, I’m really not sure, as I’ve no experience working with wp-json/reactjs. I’ll leave the issue open for a while, in case any other users have experience with this.

Hi, you definitely shouldn’t modify the PHP directly. If you must change the HTML output of the field, you should use the filters, as this will allow you to upgrade the plugin without losing your changes/modifications. More on that here.

That said, the validautocomplete:true flag, when added to the honeypot shortcode in the CF7 form creator appears to allow the form to pass W3C validation. (tested with most recent version of the plugin here)

If your field is still setting autocomplete=”nope” after setting the flag in the shortcode as above, can you please copy your shortcode here, so I can test/review?

Why are you using a 6 year old version of WordPress and CF7? If you must stay on that version of WordPress (and I would not recommend that you do), then your best bet is to use an older version of the Honeypot module as well. Try version 1.7, but you may need to go back to 1.6.

Different versions can be downloaded here: https://plugins.svn.www.ads-software.com/contact-form-7-honeypot/tags/

I have been using the plugin on 5.6 with no problems, and there have been no reports of compatibility issues. I’ve just updated the supported version number on the plugin page. I haven’t had a chance to test with PHP8 yet.

Hi @galinabublik — strange behaviour, as there’s nothing in the plugin that checks for whether a user is logged in. If you can, I would recommend updating your versions of CF7 and WordPress to the latest versions. I can’t think of any changes in either that would cause this behaviour though. Have you tried with another browser? Are you running any other CF7 plugins that could be modifying the output?

Sorry guys, been busy with other projects and forgot to update the tested tag on the plugin. Tested and working in WP 5.5.

HI @paulcityhopper – it shouldn’t be setting every hidden field, just the Honeypot hidden field. If it is modifying other fields in your form, please do let me know, as that is unusual behaviour indeed.

As for the “nope” value, pleas refer to this post (sticky in the support form, so it isn’t missed ?? ), for a detailed explanation and workarounds: https://www.ads-software.com/support/topic/w3c-validation-in-1-11-explanation-and-work-arounds/

@jmp909wp – there is a checkbox to remove this message when inserting the shortcode. You can also modify all the HTML outputted by the plugin using filters. For more information, please see the “Altering Honeypot Output HTML” section in the Installation instructions. There are examples on how to do this.

If you’re using a honeypot field with an attractive name for bots (i.e. “website” or “email”), and spam is still getting through, it would seem the bots that are hitting your site are too smart for a honeypot solution. I would highly recommend Google’s ReCaptcha v3, as it’s pretty hidden and low key.

Marking resolved due to inactivity.

Marking resolved due to inactivity.