Our site’s suggestion box got hammered by a spambot recently, so I created this simple Rack middleware to protect our app from any requests that include a honeypot field:
Been using this in production for a few days; seems to work well. Interested in hearing comments on this technique.
Thanks to Zach Zolton for the idea, and to Trevor Turk for adding documentation.
[...] Honeypot filter as a Rack middleware Our site’s suggestion box got hammered by a spambot recently, so I created this simple Rack middleware to protect our app from any requests that include a honeypot field. [...]
Could the line;
<div class=”something_unique_to_your_app”>
be changed to
<div class=”<%= HONEYPOT_FIELD_NAME %>”>
to make it more DRY?
(third time’s a charm)
Would it make sense to block the ip address once the spammer tried to post to the honeypot field? or would that be too harsh?
© 2008 Geoff Buesing & Scott McMillin.
Powered by WordPress using a slightly modified DePo Clean Theme.
3 Comments