Home

Awesome

Stack\Honeypot

A port of Rack::Honeypot to Stack for PHP.

Install

composer require stack/honey-pot:~1.0

Usage

Wrap your HttpKernelInterface app in an instance of CHH\Stack\Honeypot or add it to your middleware stack.

With stack/builder:

<?php

$options = [];

$app = (new Stack\Builder)
    ->push(CHH\Stack\Honeypot::class, $options)
    ->resolve($app);

Without the builder:

$app = new Stack\Honeypot($app, $options);

From Rack::Honeypot:

This middleware acts as a spam trap. It inserts, into every outputted <form>, a text field that a spambot will really want to fill in, but is actually not used by the app. The field is hidden to humans via CSS, and includes a warning label for screenreading software.

In the <body>:

<form>
  <div class='phonetoy'>
    <label for='email'>Don't fill in this field</label>
    <input type='text' name='email' value=''/>
  </div>
[...]

In the <head>:

<style type='text/css' media='all'>
  div.phonetoy {
    display:none;
  }
</style>

Then, for incoming requests, the middleware will check if the text field has been set to an unexpected value. If it has, that means a spambot has altered the field, and the spambot is booted to a dead end blank page.

There are a few options you can pass to the constructor (or to the Stack Builder):

License

See LICENSE.txt.