On Thu, Oct 8, 2009 at 12:12 AM, Kenneth Gonsalves <law...@thenilgiris.com>wrote:
> > On Thursday 08 Oct 2009 9:32:23 am Joshua Partogi wrote: > > I want to ask for your advice here regarding the honeypot field in > > django comments. Is it really useful to prevent spam? Or should we add > > another method for spam prevention and shouldn't really rely on this > > honeypot. I currently been getting several spams on my site but I'm > > not sure whether the spammer is a bot or a human though. If it is a > > spam bot, it would be very interesting how a bot can recognize there's > > a hidden honeypot field and by-pass it. Or would a spam bot be able to > > recognize visible fields and fill in only those visible fields? > > Anybody have any advise and experience with django comments spam > > prevention? > > the only time I used the honeypot I took tremendous flak from users who > were > getting caught in it - and anyway that particular app required a login for > comments, so I safely removed it. > > How did your users know it was there? It should be hidden. If it's hidden, even the developers who know what is happening shouldn't complain. I have a site that seems to get crawled by bots quite frequently. I had a feedback form that didn't have a honeypot originally. I got about 3-4 pieces of spam a day. Turning on the honey pot, I only have gotten a few pieces of spam. The honeypot isn't the most effective spam measure but it is an easy and cheap way to catch the type of spam bots that crawl looking for any input to place their ugliness. You don't need to ping a service like Askimet and the item doesn't need to hit the db. IMO there is no reason not to have this in any form that you think might get spammed. It helps out, and it doesn't harm anything. I would still use another service for spam as well, but this is the most base check I can think of. Hppe that helps, Michael --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/django-users?hl=en -~----------~----~----~----~------~----~------~--~---
