Spambot honeypot
@ben :
Out of the blue, we started getting a ton of spam signups.
Using Optin Monster for static and lightbox popup hover forms.
I don't want to force double opt-in, not that that would solve the problem anyway, but is there a simple way to enable a Honeypot that will automatically reject the spam sign up?
I read this thread: [link] https://sendy.co/forum/discussion/161/lots-of-spam-signups-on-double-opt-in-list/p1
And this post: [link] http://nfriedly.com/techblog/2009/11/how-to-build-a-spam-free-contact-forms-without-captchas/
I've got this input into OptinMonster:
<?php <form action="http://aircargo.io/subscribe" method="POST" accept-charset="utf-8"> <?php <input type="text" name="name" id="name" placeholder="Name" /> <?php <input type="hidden" name="list" value="J01CXkwd389285AYGgS8WepQ"/> <?php <p class="antispam">Leave this empty: <?php <input type="submit" name="signup" id="signup" value="Submit!" /> <?php </form> >(without all of the) php at the beginning obviously. I don't know how to get the form to show in Markdown. and this in the CSS:
html div#om-cviyby1pq9-lightbox .antispam { display:none;}
However, I'm not sure what to do with this to edit it properly and put it in subscribe.php:
<?php
// if the url field is empty
if(isset($_POST['url']) && $_POST['url'] == ''){
// then send the form to your email
mail( 'you@yoursite.com', 'Contact Form', print_r($_POST,true) );
}
// otherwise, let the spammer think that they got their message through
?>
Thanks
We'll get back to you as soon as possible
I assume all I need to do is get that edited and input into subscribe.php to stop the spambots.
Can you tell me how to edit it please, because we've got a 4mb attachment going with each autoresponder email and they're signing up by the hundreds per day?
Comments
Hi,
The basic idea of creating a honeypot is to create one text input field that is hidden by CSS so the spambot will fill that up.
Eg.
<input type="text" name="antispam" id="antispam" placeholder="antispam" />Hide the above with
display: nonein your CSS stylesheet.In the backend script, check that the
$_POST['antispam']is not empty, if it is not empty, it is a spambot submitting the form, then justexit;the script without further processing.Eg.
<?php if(isset($_POST['antispam'])) exit; ?>Best regards,
Ben
@Ben, thank you. I know and understand what a honeypot is and does. I just don't understand how to implement it in Optin Monster and Sendy.
I will incorporate the hidden form field in Optin Monster you referenced.
display:none is already set in CSS as per my OP.
I will add your php of if(asset($_POST['antispam'])) exit;
Into subscribe.php
Anything else or will that work?
@ben, Don't you mean: input type="hidden" ?
Also, where am I putting the if(isset($_POST['antispam])) exit; because every time I place it in subscribe.php and then manually subscribe I get the WSOD instead of the "You're Subscribed" page.
If you use input type="hidden" the spam bot will detect that it's a honey pot. So don't use that. Use CSS to hide it. Spam bots can't check CSS scripts.