views:

65

answers:

1

With honeypot, i mean more or less this practice:

#Register form
<style>
    .hideme{
        display:none;
        visibility: hidden;
    }
</style>
<form action="register.php">
    Your email: <input type="text" name="u-email" />
    Choose a password: <input type="text" name="passwd" />
    <div class="hideme">
        Please, leave this field blank: <input type="text" name="email" />  #the comment is for text-browser users
    </div>
    <input type="submit" value="Register" autocomplete=off />
</form>

//register.php
<?php
if($_POST['email'] != ''){
    die("You spammer!");
}
//otherwise, do the form validation and go on.
?>

more info here.

Obviously the real fields are named with random hashes, and the honeypot field can have different names (email, user, website, homepage, etc..) that a spambot usually fillup.

I love this tecnique becose doesnt not cause the user to be annoied by capthca

Well, does anyone of you have some experience with this tecnique? How much is it efficent?

A: 

It works relatively well, however, if the bot creator caters to your page they will see that (or even have a routine setup to check) and will most likely modify their bot accordingly.

My preference is to use reCaptcha. But the above will stop some bots.

Brad F Jacobs
i use honeypot for not annoing users with capthca..
DaNieL
A lot of bots still get past reCaptcha on my site :\
Andy E
You could also look into implementing http://www.akismet.com on your site. But this is generally for comment spam. And remember, that the reCaptcha and the Honey Pot will not thwart human spammers.
Brad F Jacobs
akismet is good, but if possible, i'll love a way that dont rely on thirdy-part services
DaNieL