Since the launch of StaticForms there has been a steady flow of enquiries through the contact form on the home page. That's the good news. The bad news is that some general-updatesof those enquiries have been spam.
Today's release enables a simple, but effective, solution to this problem: honeypot fields.
A "honeypot" field lures bots into filling out fields that real users can't see. A form submitted with a completed honeypot field can be safely rejected because a real user would never see, and so could never complete, the field.
There's no configuration required other than to add a hidden field with the name
_honeypot to your forms.
<input name="_honeypot" type="hidden" style="display:none" />
In this first release, if we find a field named "_honeypot" when we process a form submission we flag that submission as possible spam. You can change the status from spam to verified, or vice versa, through the Submissions List.
Next up we'll add filter in the Submissions List and the option to delete spam submissions completely.