Now we have 2 parts in our form: Real fields with our inputs protected by hashes and strange names (you can implement the hash or strange names as you prefer). Use simple and common names as "email, phone, name, etc", disable the autocomplete (so, browser will not fill it), disable rules, but keep the types. Turn your fake input the most simple, generic and attractive as possible. Important to: Let the label empty, use your 'ohnohoney' class to hide all those fake inputs. Now, a bot cant recognize what this fields are, they're just know that the form has some fields which must be filled, maybe following the "type" as pattern.īy creating the "h o n e y p o t" fields we will be able to identify the Spammer. Dont use "name-hash" or variations of that, a simple split would expose the real field name. Commonly i use the pattern "nameHASH" all together. This fields must have the identifications changed to hashes. This are the visible fields and the ones which must be relevant to your backend in terms of data. Dont use "hidden" in the class name, some advanced bots can recognize it. Important to point some things now:ĭont use display:none, some bots cant access fields with display none, other simply know that they should'nt fill the display none fields. Enter fullscreen mode Exit fullscreen modeįirst we created a class to hide things.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |