Honeypot spam prevention

Catching and blocking spam emails is, has and probably always will be one of the biggest annoyances on the internet. One fantastic solution to the problem is using a recaptcha field. This method works well... downsides? You have to have a cumbersom character input field on all of your forms. This isn't always an issue however it often clashes with design, especially if you are trying to put a quick email form into a small space.

Try implementing a honeypot captcha to catch that pesky spam!

The honeypot captcha method is actually fairly simple. Put a field onto your form that humans won't fill out. Most spam bots search for forms, fill out every field and submit it. If the honeypot captcha field is filled out then you know that it is a spam submission.

Rather than defining the field as:

<form action="">

...
<p>
<input type="hidden" name="honeypot" value="" />
</p>
...

</form>

use an actual text field like this:

<form action="">

...
<p class="thepot">
<input type="text" name="honeypot" value="" alt="if you fill this field out then your email will not be sent"/>
</p>
...

</form>

The CSS

.thepot display:none;

The PHP

if(isset($_REQUEST'honeypot') && $_REQUEST'honeypot' && $_REQUESThoneypot' != '')

//Don't send the form

else

//Send the form

 

Pro's

  • Simple to implement.
  • It works against most spam senders.
  • It means you can keep control your website aesthetics.

cons

  • Easy to bypass if the spammer knows you are using this technique.
  • Your website isn't helping to digitize books.
  • Accessibility. Someone with a screen reader will see the field and may fill it out. An alt tag has been added to try and prevent this.