Download the PHP package middlewares/honeypot without Composer
On this page you can find all versions of the php package middlewares/honeypot. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.
Download middlewares/honeypot
More information about middlewares/honeypot
Files in middlewares/honeypot
Package honeypot
Short Description Middleware to implement a honeypot spam prevention
License MIT
Homepage https://github.com/middlewares/honeypot
FAQ
Example:
In general, it is recommended to use always a project to download your libraries. In an application normally there is more than one library needed.
- Some hosting areas are not accessible by a terminal or SSH. Then it is not possible to use Composer.
- To use Composer is sometimes complicated. Especially for beginners.
- Composer needs much resources. Sometimes they are not available on a simple webspace.
- If you are using private repositories you don't need to share your credentials. You can set up everything on our site and then you provide a simple download link to your team member.
- Simplify your Composer build process. Use our own command line tool to download the vendor folder as binary. This makes your build process faster and you don't need to expose your credentials for private repositories.
Informations about the package honeypot
middlewares/honeypot
Middleware to implement a honeypot spam prevention. This technique is based on creating a input field that should be invisible and left empty by real users but filled by most spam bots. The middleware check in the incoming requests whether this value exists and is empty (is a real user) or doesn't exist or has a value (is a bot) returning a 403 response.
Requirements
- PHP >= 7.2
- A PSR-7 http library
- A PSR-15 middleware dispatcher
Installation
This package is installable and autoloadable via Composer as middlewares/honeypot.
Example
Usage
In your forms, you have to include a <input> element that will be used as trap:
The middleware by default expect the input name is hpt_name but you can change it. Note also the css code that hide the honeypot, so users do not see anything, only robots. You may need to add some accesibility attributes like aria-label for screen readers.
Optionally, you can provide a Psr\Http\Message\ResponseFactoryInterface as the second argument to create the error response (403) when spam is detected. If it's not defined, Middleware\Utils\Factory will be used to detect it automatically.
Helpers
getField
This static method is provided to ease the creation of the input field, accepting two arguments: the input name and a label used for screen readers. If no name is provided, use the same name passed previously to the middleware.
Example:
getHiddenField
This static method generates the input field just like getField() does, but adds inline CSS to hide the field directly. Note: This may be easier to detect for some bots.
If you want to get creative with hiding the field, use getField() in combination with custom CSS (or JS).
Please see CONTRIBUTING for contributing details.
The MIT License (MIT). Please see LICENSE for more information.
All versions of honeypot with dependencies
middlewares/utils Version ^3.0
psr/http-server-middleware Version ^1.0