HackerOne users: Testing against this community violates our program's Terms of Service and will result in your bounty being denied.

Honeypot 0.1 (Beta)

Add a 'Honeypot Captcha' to the 'Apply for membership' form.

The Honeypot extension uses an input box that is hidden using CSS. The idea is that a Spambot will 'see' this input box and fill it with text. Honeypot will reject any application that includes text in this input.

For more information about 'Honeypot Captchas' see http://haacked.com/archive/2007/09/11/honeypot-captcha.aspx

There are a couple of issues however that you should be aware of before enabling 'Honeypot':

- Visually impaired users will 'see' this input box as it will not be invisible to their 'text-readers'.
- It is possible that a page that uses a 'Honeypot Captcha' might fall foul of Google's Webmaster Guidelines (see below).

Google does not like pages with hidden DIVs. Their guidelines state that the page as viewed by their webcrawler should be the same as the page viewed by a user. This is to prevent a page including a load of text which is hidden from the user but boosts the page ranking a.k.a 'Cloaking'.

This extension does not hide any text from the user, just an input box.

If you are concerned about this issue then my feeling is that you could get Google to ignore the 'people.php' page by using a 'Robots.txt' file with the following entries:

User-Agent: Googlebot Disallow: /people.php

For more information see:


Future Development
When I get a moment I'll look at adding a 'Honeypot Captcha' to the 'Post comment' page when 'Guest' postings are allowed.