Bots recognizing “id” of span wrapper

  • Resolved mreed3689

    (@mreed3689)


    6 years, 4 months ago

    Over the past week or 2, I’ve received a lot of spam from bots. It appears that the bots are using valid email addresses, but the names that are being used to submit these forms I’ve noticed are actually taking the 15-digit auto-generated id (i.e. hp5bc5f6aa8966a) and stripping off the “hp”. So I will receive a form with a valid email address but with the name “5bc5f6aa8966a”. This first started happening a few times per day but now I’m receiving at least 20 of these per day. In other words, there are bots that are starting to recognize this honeypot wrapper id.

    Do you have any suggestions on how to fix this? Or is this something that will need to be fixed with an update?

Viewing 2 replies - 1 through 2 (of 2 total)
  • Ryan

    (@daobydesign)

    Interesting. Not sure how this could be combated. Modifying the wrapper HTML isn’t difficult (see the Installation page for details), but I can’t begin to figure out why the bot would grab that ID and use it as the name field… nor am I sure that any change in that would stop the bot.

    Ryan

    (@daobydesign)

    Hi @mreed3689, just a quick FYI to let you know I’ve just released a new version of the plugin that handles the ID generation differently. It now appends a more generic ‘wpcf7-‘ to the random ID, rather than “hp”. It can also be completely changed/overridden when creating the form and generating the Honeypot tag.

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Bots recognizing “id” of span wrapper’ is closed to new replies.