Sign in Register
0 votes

Honeypot (spambot trap) - Beta

A basic Honeypot to trap bots from posting your forms, it can be used with Umbraco Forms or on custom forms. The idea is simple, add a random hidden field, if the field is populated and posted = it's probably a bot.

The logic is based on: https://github.com/usercode/AspNetCore.Honeypot

https://en.wikipedia.org/wiki/Honeypot_(computing)
"In computer terminology, a honeypot is a computer security mechanism set to detect, deflect, or, in some manner, counteract attempts at unauthorized use of information systems. Generally, a honeypot consists of data (for example, in a network site) that appears to be a legitimate part of the site which contains information or resources of value to attackers. It is actually isolated, monitored, and capable of blocking or analyzing the attackers. This is similar to police sting operations, colloquially known as "baiting" a suspect."

Install with Umbraco Forms installed

This will install the Core version and a new field in Umbraco Forms.


Install-Package Out.Umbraco.Honeypot

OR

dotnet add package Out.Umbraco.Honeypot

Install without Umbraco Forms


Install-Package Out.Umbraco.Honeypot.Core

OR

dotnet add package Out.Umbraco.Honeypot.Core



Usage

In your Umbraco Forms form, you will add the new field "Honeypot Field", the rest is automatic.

Or

Custom usage:


@addTagHelper *, Our.Umbraco.Honeypot.Core

<honeypot-field />
<honeypot-time />

Validation:


[HttpPost]
public async Task<IActionResult> Form(FormModel model)
{
    if (HttpContext.IsHoneypotTrapped())
    {
        //Log error
        return View("Form", model);
    }
}

 

Global settings


  "Our.Umbraco.Honeypot": {
    "HoneypotEnableFieldCheck": true, 
    "HoneypotEnableTimeCheck": true,
    "HoneypotPrefixFieldName": "hp_",
    "HoneypotSuffixFieldName": "",
    "HoneypotTimeFieldName": "__time",
    "HoneypotMinTimeDuration": "00:02:00,
    "HoneypotFieldStyles": "display: none !important; position: absolute !important; left: -9000px !important;",
    "HoneypotFieldClass": "hp-field",
    "HoneypotFieldNames": [ "Name", "Phone", "Comment", "Message", "Email", "Website" ],
    "HoneypotMessage": "Something went wrong (HP)"
  }

Screenshots

NuGet install instructions for Umbraco 9+

dotnet add package Our.Umbraco.Honeypot

Package owner

Dennis Öhman

Dennis Öhman

Dennis has 177 karma points
c-trib

Package Compatibility

This package is compatible with the following versions as reported by community members who have downloaded this package:
Untested or doesn't work on Umbraco Cloud
Version 8.18.x (untested)

You must login before you can report on package compatibility.

Previously reported to work on versions:

Package Information

  • Package owner: Dennis Öhman
  • Created: 28/08/2022
  • Current version 0.1.3
  • License MIT
  • Downloads on Our: 0
  • Downloads on NuGet: 4.7K
  • Total downloads : 4.7K

External resources