Using Honeypot for spam protection
Honeypot protection provides security mechanisms to protect your CMS Portal site from form submission by spam bots. If spam bot activity is detected, form submission is blocked.
Before you begin
You must have administrator access to the CMS Portal to complete this
task.
Note: This module synchronizes the credentials of applications that are created by consumers in
the CMS Portal site UI. It cannot synchronize the credentials for applications that are created by
the provider in the API Manager UI.
About this task
Honeypot protection provides the following security mechanisms:
- A hidden field, unseen by users, is added to the form. If a value has been entered in the field when the form is submitted then this indicates that the form was completed by a spam bot, and the submission is blocked. You can specify the name of the hidden field.
- If the form is submitted before a specified time has elapsed (five seconds by default), it is assumed that this is too short a time for a human to have completed the form, and the submission is blocked. You can specify the time length.
Note: If you want to carry out automated testing of your CMS Portal, you might need to disable the Honeypot module, because Honeyspot spam protection is designed specifically to block automated CMS Portal usage. For details on how to disable a module, see Disabling modules.
Procedure
To configure Honeypot for spam protection in the CMS Portal, complete the following steps: