Drupal 7 Honeypot Module

By adam
Fri, 2014-09-19 07:48
Daily Dose of Drupal Episode #169

Share with Others

In this tutorial you will learn about the Honeypot module. The Honeypot modules is a SPAM prevention module that uses a hidden form field to catch SPAM bots from posting onto your site. This tutorial shows you how to configure the module to work on various forms on your site.

Hello everybody and welcome to Episode 169 of the Daily Dose of Drupal. Today we are looking at Spam prevention, it’s specifically the Honey Pot Module. As your site grows and you become more famous and get more visitors you inevitably are going to be hit with spam comments, spam user accounts and pretty much everything else. So unless you’re interested in cheap a little bit time handbags, the Honey Pot Module is a good resource to get rid of spam comments.

Before we jump into the module and show you how to set it up make sure to head on over to codekarate.com and then once you’re there check out the EBook, check out our other posts, interact with us in any way. Also you can check us out on Twitter, Google Plus, all kinds of places so make sure to interact. Alright let’s get started. So the Honey Pot Module here on Drupal, basically how the Honeypot Module works is it adds invisible field to any form that you specify and as a user you don’t see this field so you won’t fill it in but basically it doesn’t see the form right so it fills it in and then once that field has any information inside of it, it automatically spammed or caught it spam and then not posted to your site.

So that’s how the Honeypot Module works and setting it up is actually even easier than that. So go ahead and download it. We’re using the 7 version of this. It does have an 8 version already out so that’s nice. Pretty widely used here with 35 and a half thousand installs. So anyway, let’s get the module installed here, there it is, we’re just enabling it, once it gets enabled you can then go here and configure and then we’ll kind of work through the configuration page and that’s about it for the Honeypot Module.

So you can do a default protect all forms, that’s kind of what it sounds like. You can add the Honey Pot functionality to all forms on the site. I don’t necessarily doing that, I’d recommend setting it to only once that you specify. You can obviously block submissions via Honeypot so any…or excuse me, not block, logged at these submissions. This gets over, it can just get a lot in there. Of course if you have a lot of spam comments so none certainly needed but you can turn it on and just end up in your Reporting tab underneath Logs. This one is the invisible field, what the name of the field will be.

You can leave a default URL, sometimes you can change it to just a homepage and basically that’s just what the bottle COs, CO of field called Homepage and then it obviously want to add a homepage element to that but we’re actually tricking it. So I’ll leave all of your homepage for the example. Honeypot Timer, this one is kind of an interesting feature as well with Honeypot. Is it basically says if you load a page and if you submit the form within as specified here, 5 seconds we’re automatically going to think that spam and not that let that comment go through.

So you can set this time to 0 to say, don’t worry about that or you can set it to a higher or lower, 5 seconds seems to be a good general rule. So then here below is all of the forms that you can individually enable the Honeypot to work with. Some of the ones that we recommend with the user registration form, how it eliminates spam accounts. Any form that you get…that goes outside of your site. So it’s the contact forms and then the big one will be Comment forms. So I always would check all of the comment forms. So anything that you allow users to comment on is very likely to get spam comments. So eliminating those will cut down your amount by a ton.

This note forms, that kind of skip over that. The reason note form isn’t that relevant is because you don’t typically give access for users to create nodes on your sites so it’s not usually relevant to use the Honeypot Module on that. And that’s the other reason why I said don’t necessarily do it in all forms because it’s very much a wasted functionality. So this is what…I’m going to get the contact form too here. So these are the ones that I would say by default I would use. Again just a user registration forms, any other generic contact forms you might have and then comment forms as well. So you can go ahead and save that configuration. And that’s it.

So the Honeypot Module is now enabled on these forms that I set and again the form field to use, the end users are going to be hidden so you’re not going to be see any difference with your comment forms or either with your users but to bot they’re going to see a hidden field in there and they’re going to attempt to fill that form in. Alright guys, well that’s it for the Honeypot Module, make sure to check out all, I’ll have a blog post coming out here shortly as well, detailing how we sue the Honeypot Module at codekarate.com and the success and issues that we had using that as well. Alright until next time, see you.