The principle of a honeypot is simple — bots are stupid. While some spam is hand-delivered, the vast majority is submitted by bots scripted in a specific (wide-scope) way to submit spam to the largest number of form types. In this way they somewhat blindly fill in fields, irregardless of whether the field should be filled in or not. This is how a honeypot catches the bot — it introduces an additional field in the form that if filled out will cause the form not to validate.
- Upload plugin files to your plugins folder or install using WordPress’ “Add Plugin” feature — just search for “Contact Form 7 Honeypot”
- Activate the plugin
- Edit a form in Contact Form 7
- Choose “Honeypot” from the Generate Tag dropdown. Recommended: change the honeypot element’s ID.
- Insert the generated tag anywhere in your form. The added field uses inline CSS styles to hide the field from your visitors.
Frequently Asked Questions
Will this module stop all my contact form spam?
Probably not. But it should reduce it to a level whereby you don’t require any additonal spam challenges (CAPTCHA, math questions, etc.).
Are honeypots better than CAPTCHAs?
This largely depends on the quality of the CAPTCHA. Unfortunately the more difficult a CAPTCHA is to break, the more user-unfriendly it is. This honeypot module was created because we don’t like CAPTCHA’s cluttering up our forms. Our recommendation is to try this module first, and if you find that it doesn’t stop enough spam, then employ more challenging anti-spam techniques.
What is the plugin license?
This plugin is released under a GPL license.