What is a honeypot field?

A honeypot field is a simple but effective mechanism for stopping spambots. The idea is to add a field to an online form, which is only visible to bots, and not visible to humans. If this field is filled in, we can safely assume that the form was posted by a bot and therefore can be dismissed.

How is a honeypot field implemented?

The honeypot field needs to be added to your HTML form. This field is called 'email_field' in Rule (it has a deliberately generic name to avoid attracting the attention of spammers). The name of this field is important and must not be changed. When you post to the Rules API, you only need to include this field, i.e. do not remove or rename this field 'email_field'.

Example code:

<style>
     <!-- This is the normal part of the form, that humans see -->
    .rulemailer-subscriber-widget {font-family: Helvetica, sans-serif;width: 500px;} 
    ... 
     <!-- This is the hidden part of the form, that only bots see -->
    .rulemailer-email-check {display: none !important;} 
</style>
<div class="rulemailer-subscriber-widget">
     <form id="rule-optin-form" action="https://example.com/api/signup" method="POST">
         ... 
         <!-- This is the normal input, that humans fill in -->
         <label>Email address</label>
         <input type="email" placeholder="Email address" name="email" required="required">
         <!-- This is the honey pot, that humans don't see, but bots see and fill in -->
         <label class="rulemailer-email-check">Are you machine?</label>
         <input type="checkbox" name="email_field" class="rulemailer-email-check" value="1" tabindex="-1" autocomplete="off">
         ...
    </form>
</div>