Expand my Community achievements bar.

Don’t miss the AEM Skill Exchange in SF on Nov 14—hear from industry leaders, learn best practices, and enhance your AEM strategy with practical tips.

Honeypot field for an input field?

Avatar

Level 8

Hi

We have a simple input field with a send button. For the input field we implement some validation and when the criteria are met we send the received input to an email address using a POST request.

My question is do we need to generate a honeypot field for this and what would be the benefit of doing that?

<span class="c-field__wrap">
<input placeholder="" type="text" class="c-field__input">
<span class="c-field__label">${'voteTeaser:feedback.input.label' @ i18n}</span>
<span class="c-field__decoration"></span>
</span>
<div class="l-grid__cell l-grid__cell--1/1 l-grid__cell--align-right">
<button data-vote-teaser-button-send class="c-button c-button--secondary">
<span class="c-button__label">${'voteTeaser:button.send' @ i18n}</span>
</button>
</div>

3 Replies

Avatar

Community Advisor

@anasustic A honeypot is a field added to the form that the users can’t see due to CSS or JavaScript (which hides the field). It depends on your use case and frequency of sending details to emails using the input field. Implementing Honeypot will block spammers and bots that could attack your website forms.

https://www.smartfile.com/blog/captchas-dont-work-how-to-trick-spam-bots-with-a-smarter-honey-pot/

https://dev.to/felipperegazio/how-to-create-a-simple-honeypot-to-protect-your-web-forms-from-spammer...

Avatar

Employee Advisor

Honeypot is an old way to avoid spams by adding a tricky field in your form, but now hackers are quite smart, so it's observed that honeypots are not much effective.

Rather, it's advised to use Captcha with client-side and server-side validation.