Honeypot Configuration

What is a Honeypot?

Honeypot is an anti-spam technique that uses a field hidden from humans through design options in Cascading Stylesheets (CSS), but remains visible to bots and spammers. By virtue of these annoyances’ programming, they will attempt to fill in every single field they can find in a web form. When it completes the hidden field, the Honeypot programming recognizes it as a fake submission and prevents the data from being captured, thus protecting the valid data submitted by human beings. 

How to use your Honeypot Configuration Settings

  1. Using your admin panel, navigate to Manage > Configuration > Content authoring > Honeypot configuration.
  2. Honeypot configuration options:
    • Protect all forms with Honeypot - Enable Honeypot protection for ALL forms on this site. it is best to only enable Honeypot for the forms you need, which will be listed in the section called Honeypot Enabled Forms. Page caching will be disabled on any page where a form is present if the Honeypot time limit is not set to 0.
    • Log blocked form submissions - Log submissions that are blocked due to Honeypot protection.
    • Honeypot element name - The name of the Honeypot form field. It's usually most effective to use a generic name like email, homepage, or link, but this should be changed if it interferes with fields that are already in your forms. Must not contain spaces or special characters.
    • Honeypot time limit (set to 5 seconds by default) - Minimum time required before form should be considered entered by a human instead of a bot. Set to 0 to disable. Page caching will be disabled if there is a form protected by time limit on the page.
  3. Honeypot Enabled Forms - this region will list all the forms currently available on your site. This section allows you to pick and choose which forms will have Honeypot enabled. Use the Protect all forms with Honeypot if you want to include all forms on your site instead.
  4. Click Save configuration to finish.