Anti-Spammer Master

Add honeypots and timers to your forms

Anti-Spammer Master lets you easily add a honeypot and a timer field to your forms.

If you're not sure what they are it's simple.

A honeypot is a visually hidden input that s supposed to be left empty. Normal users will NOT see it and won't try to fill it. Bots will see it and will most likely fill it up. Anti-Spammer Master will mark the submission as spam if the honeypot is filled.

A timer is an input that allows Anti-Spammer Master to calculate how long it took for the form to be filled and submitted. Bots fill forms in a matter of seconds. Forms filled too fast will be marked as spam.

Adding a honeypot and a timer to any form is easy and can be done with just a few lines of code.

Adding a honeypot and a timer to your forms

You will need to add the following code to your forms:

<?php
    if (class_exists('Kalmoya\AntiSpammerMaster\Helpers\FormFieldsGenerator')) {
        \Kalmoya\AntiSpammerMaster\Helpers\FormFieldsGenerator::getFields();
    }
?>

This code must be inside the <form></form> element and preferably after the submit button. Putting it after the submit button will make sure users with disabilities using screen readers will not fill the honeypot by accident. Other measures are in place to avoid that, this is just an extra measure but an important one.

Recommendations

  • Do not use too obvious Honeypot and timer handles like "honey_pot" as sophisticated bots will spot them
  • Give them even a meaningless handle like "hd5d4d"
  • Or give them a handle that might trick the bot like "your_email" as long as it's not used in other inputs
  • Again, try to add your honeypot and timer after the submit button

Other option for Express Forms

If you're using Express Forms and don't want to add code to your forms you can use the package Hidden Data Attributes for Express. You can get both packages together for a hugely discounted price.

It will allow you to add the honeypot and timer attributes directly to your forms without dealing with extra code.

To add the honeypot to your Express Forms:

  1. Add a "Hidden Fixed Value" attribute to your Express Entity
  2. Give the attribute a handle using the "Honeypot Handle Fragment" value from your settings as a prefix or suffix to the handle
  3. Leave the attribute's value (Fixed String) empty
  4. Check the box to "make the attribute visually hidden only"
  5. Add the attribute to your forms

To add the timer to your Express Forms:

  1. Add a "Hidden Dynamic Value" attribute to your Express Entity
  2. Give the attribute a handle using the "Honeypot Handle Fragment" value from your settings as a prefix or suffix to the handle
  3. In the options select the Data Source "Current Date & Time"
  4. Add the attribute to your forms