Hi MJ,
Yes, that’s correct — our forms do include a honeypot field when the Enable anti-spam honeypot option is checked (in the form builder under Settings > General).
However, this honeypot isn’t visible to human users. Instead, it works by only being visible to bots — a common method of mass spamming. That way, when the honeypot field is filled out the form can automatically know that the user was a spambot.
On many sites, this honeypot is enough by itself to avoid spam entries. If you’re still receiving spam, however, or if you’d like to take an extra precaution against it, reCAPTCHA is a great additional option.
We’ve included Google reCAPTCHA integration (both their checkbox and invisible options) in all versions of our plugin so there’s no need to touch any code to get it set up. Here’s our tutorial on the steps to setup reCAPTCHA for your forms.
I hope that helps! If you have any questions, please let me know 🙂
Thread Starter
MJ
(@prmyapps)
> our forms do include a honeypot field
thank you very much for your reply. However, what I meant was, how do I confirm the honeypot is present/working, other than by not receiving spam mail?
when the post is rendered, i expected to see a blank input field in the source, as in the Drupal Stackexchange post below. But I couldn’t find a hidden field in the rendered source…
https://drupal.stackexchange.com/questions/42413/how-to-test-if-honeypot-is-working-on-a-form
I apologize if this is a stupid question.
Hi MJ,
Thanks for the clarification! You can definitely check this out in the same way mentioned in that link if you’d like.
Here’s a screencast video I created to demo how you’d find the honeypot field in WPForms.
To see that code, I used Chrome’s Developer Tool – though a few other browsers have similar options (in case it helps, here’s a tutorial by WPBeginner on inspecting an element with Chrome).
Also, you’ll see from that video that my honeypot field happened to look like a Name field. This will be randomly generated with each refresh, so if you follow those steps you may see a field with a different name. However, the container, etc will look the same in the HTML.
I hope that answers your question a bit better! If not, or if you have additional questions, please let me know 🙂
Thread Starter
MJ
(@prmyapps)
Wow, thank you so much for making that screencast video for me. I should have realized your field would be named something other than honeypot. I guess I assumed honeypot was a universal identifier. Sorry for my stupidity!
And thank you again for your help. It was above and beyond the call of duty!
have a great 2018!
p.s. I checkmarked the box to “Reply and mark as resolved”, but the webpage is telling me that my author name and email address are invalid.
Happy to help, MJ, and hope you have a great 2018 also! 🙂
. Reason: found the honeypot setting checkbox
