Fixed empty UA string error
Added payload to log and filtering; Log and rule files are easier to change
Init commit
On my website I use FormSubmit.io in order to allow readers to get in touch with me without disclosing my email address. Lately I've noticed that despite FormSubmit having some sort of anti-spam measures, I am still getting trash to my email inbox. I figured these must be bots, so I decided to make a somewhat simple honeypot solution to try and address this issue.
Note: Use this code at your own risk. I am currently still testing whether this actually works (it did work in testing) and whether it's effective. If you've got any ideas how it could be improved, let me know!
**form.html
** is a fairly simple contact form that uses redirector.php
as the action: <form id="contactform" action="/redirector.php" method="POST">
It contains two honeypot fields (in my use-case) of two different types:
type=hidden
field: <input name="email" id="email" type="hidden" value="">
type=text
field that is hidden with CSS: <input name="name" id="name" type="text" autocomplete="off" style="opacity:0;position:absolute;z-index:-1;top:0;left:0;height:0;width:0" tabindex="-1">
**redirector.php
** checks if the current visitor is already banned from sending forms, bans them if honeypot fields are triggerred, forwards the request to FormSubmit and shows an error message.
**formspam.php
** contains all the logic.
log.txt
and rules.txt
any way you choose, e.g. placing the files outside of htdocs
.