WP Armour – Honeypot Anti Spam

Version Description

Added support for Formidable Forms
Added honeypot spam statistics

Release Info

Developer	dnesscarkey
Plugin	WP Armour – Honeypot Anti Spam
Version	1.4
Comparing to
See all releases

Code changes from version 1.3 to 1.4

Files changed (8) hide show

includes/integration/wpa_formidable.php +10 -0
includes/js/wpa.js +2 -11
includes/views/wpa_extended_version.php +0 -4
includes/views/wpa_stats.php +89 -0
includes/wpa_functions.php +67 -0
readme.txt +66 -23
screenshot-2.png +0 -0
wp-armour.php +5 -2

includes/integration/wpa_formidable.php ADDED Viewed

	@@ -0,0 +1,10 @@


1	+ <?php
2	+ add_filter( 'frm_validate_entry', 'wpa_formidable_extra_validation', 10, 2 );
3	+
4	+ function wpa_formidable_extra_validation($errors, $values){
5	+ if (!isset($_POST[ $GLOBALS['wpa_field_name']] )){
6	+ do_action('wpa_handle_spammers','formidable');
7	+ $errors['my_error'] = $GLOBALS['wpa_error_message'];
8	+ }
9	+ return $errors;
10	+ }

includes/js/wpa.js CHANGED Viewed

	@@ -1,19 +1,10 @@
1	jQuery(document).ready(function(){
2	-
3	- //alert('2');
4	-
5	jQuery('.bbp-topic-form form').append(wpa_hidden_field); // BBPRESS TOPIC
6	jQuery('.bbp-reply-form form').append(wpa_hidden_field); // BBPRESS REPLY
7	jQuery('form#commentform').append(wpa_hidden_field); // WP COMMENT
8	jQuery('form#registerform').append(wpa_hidden_field); // WP REGISTRATION
9	jQuery('form.wpcf7-form').append(wpa_hidden_field); // CONTACT FORM 7
10	jQuery('form.wpforms-form').append(wpa_hidden_field); // WPFFORMS
11	-
12	jQuery('.gform_wrapper form').append(wpa_hidden_field); // GRAVITY FORMS
13	-
14	-
15	-
16	-
17	- });
18	-
19	-


1	jQuery(document).ready(function(){



2	jQuery('.bbp-topic-form form').append(wpa_hidden_field); // BBPRESS TOPIC
3	jQuery('.bbp-reply-form form').append(wpa_hidden_field); // BBPRESS REPLY
4	jQuery('form#commentform').append(wpa_hidden_field); // WP COMMENT
5	jQuery('form#registerform').append(wpa_hidden_field); // WP REGISTRATION
6	jQuery('form.wpcf7-form').append(wpa_hidden_field); // CONTACT FORM 7
7	jQuery('form.wpforms-form').append(wpa_hidden_field); // WPFFORMS

8	jQuery('.gform_wrapper form').append(wpa_hidden_field); // GRAVITY FORMS
9	+ jQuery('.frm_forms form').append(wpa_hidden_field); // Formidible forms
10	+ });

includes/views/wpa_extended_version.php CHANGED Viewed

	@@ -6,10 +6,6 @@
6	<div class="why_extended">
7	<h3>Extra Tools that WP Armour Extended offers to make WP Armour more powerfull.</h3>
8	<ul>
9	- <li><label>Spam Prevention Statistics</label>
10	- Numerical stats and graph Visualization of spam bots.
11	- </li>
12	-
13	<li><label>Record Spammer IP</label>
14	Can record Spammer IPs. Usefull if you want them to block for further submission.
15	</li>


6	<div class="why_extended">
7	<h3>Extra Tools that WP Armour Extended offers to make WP Armour more powerfull.</h3>
8	<ul>




9	<li><label>Record Spammer IP</label>
10	Can record Spammer IPs. Usefull if you want them to block for further submission.
11	</li>

includes/views/wpa_stats.php ADDED Viewed

	@@ -0,0 +1,89 @@


1	+ <?php
2	+ $currentStats = json_decode(get_option('wpa_stats'), true);
3	+ $todayDate = $currentStats['total']['today']['date'];
4	+ $weekDate = $currentStats['total']['week']['date'];
5	+ $monthDate = $currentStats['total']['month']['date'];
6	+ ?>
7	+ <br/>
8	+ <table class="wp-list-table widefat fixed bookmarks">
9	+ <thead>
10	+ <tr>
11	+ <th colspan="5"><strong>Quick Stats</strong></th>
12	+ </tr>
13	+ </thead>
14	+ <tbody>
15	+ <tr>
16	+ <td><strong>Source</strong></td>
17	+ <td><strong>Today</strong></td>
18	+ <td><strong>This Week</strong></td>
19	+ <td><strong>This Month</strong></td>
20	+ <td><strong>All Time</strong></td>
21	+ </tr>
22	+ <?php
23	+ if (!empty($currentStats)){
24	+ foreach ($currentStats as $source=>$statData): ?>
25	+ <tr>
26	+ <td><strong><?php echo ucfirst($source); ?></strong></td>
27	+ <td><?php echo wpa_check_date($todayDate,'today')?$statData['today']['count']:'0'; ?></td>
28	+ <td><?php echo wpa_check_date($weekDate,'week')?$statData['week']['count']:'0'; ?></td>
29	+ <td><?php echo wpa_check_date($monthDate,'month')?$statData['month']['count']:'0'; ?></td>
30	+ <td><?php echo $statData['all_time']; ?></td>
31	+ </tr>
32	+ <?php endforeach;
33	+ } else { ?>
34	+ <tr><td colspan="5">No Record Found</td></tr>
35	+ <?php } ?>
36	+
37	+ </tbody>
38	+ </table><br/>
39	+ <br/>
40	+ <table class="wp-list-table widefat fixed bookmarks">
41	+ <thead>
42	+ <tr>
43	+ <th colspan="2"><strong>Visualization </strong></th>
44	+ </tr>
45	+ </thead>
46	+ <tbody>
47	+ <tr>
48	+ <td colspan="2">
49	+ <script type="text/javascript" src="https://www.gstatic.com/charts/loader.js"></script>
50	+ <script type="text/javascript">
51	+ google.charts.load('current', {'packages':['bar']});
52	+ google.charts.setOnLoadCallback(drawChart);
53	+
54	+ function drawChart() {
55	+ var data = google.visualization.arrayToDataTable([
56	+ ['Source', 'Today', 'This Week','This Month', 'All Time'],
57	+ <?php foreach ($currentStats as $source=>$statData): ?>
58	+ [
59	+ '<?php echo ucfirst($source); ?>',
60	+ <?php echo wpa_check_date($todayDate,'today')?$statData['today']['count']:'0'; ?>,
61	+ <?php echo wpa_check_date($weekDate,'week')?$statData['week']['count']:'0'; ?>,
62	+ <?php echo wpa_check_date($monthDate,'month')?$statData['month']['count']:'0'; ?>,
63	+ <?php echo $statData['all_time']; ?>
64	+ ],
65	+ <?php endforeach;?>
66	+ ]);
67	+
68	+ var options = {
69	+ chart: {
70	+ title: 'Spams Blocked By WP Armour',
71	+ hAxis: {title: 'Source', titleTextStyle: {color: 'red'}},
72	+
73	+ },
74	+ colors:['#bedcf5','#75b5e9','#2c8ddd','#19609b']
75	+ };
76	+
77	+ var chart = new google.charts.Bar(document.getElementById('wpae_chart_div'));
78	+
79	+ chart.draw(data, google.charts.Bar.convertOptions(options));
80	+ }
81	+ </script>
82	+
83	+ <div id="wpae_chart_div" style="width:100%; height:400px; margin-top:15px; margin-bottom:10px;">
84	+ </div>
85	+
86	+ </td>
87	+ </tr>
88	+ </tbody>
89	+ </table><br/>

includes/wpa_functions.php CHANGED Viewed

@@ -11,6 +11,7 @@ function wpa_plugin_menu(){
             function wpa_options(){
             	$wpa_tabs = array(
             				'settings' => array('name'=>'Settings','path'=>'wpa_settings.php'),
             				'extended_version' => array('name'=>"What's in WP Armour Extended ?",'path'=>'wpa_extended_version.php')
             	);
@@ -34,4 +35,70 @@ function wpa_save_settings(){
             	$return['status']   = 'ok';
             	$return['body'] 	= 'Settings Saved';
             	return $return;
+            }


11	function wpa_options(){
12	$wpa_tabs = array(
13	'settings' => array('name'=>'Settings','path'=>'wpa_settings.php'),
14	+ 'stats' => array('name'=>'Statistics','path'=>'wpa_stats.php'),
15	'extended_version' => array('name'=>"What's in WP Armour Extended ?",'path'=>'wpa_extended_version.php')
16
17	);

35	$return['status'] = 'ok';
36	$return['body'] = 'Settings Saved';
37	return $return;
38	+ }
39	+
40	+ function wpa_save_stats($wp_system){
41	+ $currentStats = json_decode(get_option('wpa_stats'), true);
42	+ if (wpa_check_date($currentStats['total']['today']['date'],'today')){
43	+ $currentStats['total']['today']['count'] += 1;
44	+ @$currentStats[$wp_system]['today']['count'] += 1;
45	+ } else {
46	+ $currentStats['total']['today']['date'] = date('Ymd');
47	+ $currentStats['total']['today']['count'] = 1;
48	+ @$currentStats[$wp_system]['today']['count'] = 1;
49	+ }
50	+
51	+ if (wpa_check_date($currentStats['total']['week']['date'],'week')){
52	+ $currentStats['total']['week']['count'] += 1;
53	+ @$currentStats[$wp_system]['week']['count'] += 1;
54	+ } else {
55	+ $currentStats['total']['week']['date'] = date('Ymd');
56	+ $currentStats['total']['week']['count'] = 1;
57	+ @$currentStats[$wp_system]['week']['count'] = 1;
58	+ }
59	+
60	+ if (wpa_check_date($currentStats['total']['month']['date'],'month')){
61	+ $currentStats['total']['month']['count'] += 1;
62	+ @$currentStats[$wp_system]['month']['count'] += 1;
63	+ } else {
64	+ $currentStats['total']['month']['date'] = date('Ymd');
65	+ $currentStats['total']['month']['count'] = 1;
66	+ @$currentStats[$wp_system]['month']['count'] = 1;
67	+ }
68	+
69	+ $currentStats['total']['all_time'] += 1;
70	+ @$currentStats[$wp_system]['all_time'] += 1;
71	+
72	+ update_option('wpa_stats', json_encode($currentStats));
73	+ }
74	+
75	+ function wpa_check_date($timestamp, $comparision){
76	+ switch ($comparision) {
77	+ case 'today':
78	+ if (date('Ymd') == $timestamp){
79	+ return true;
80	+ } else {
81	+ return false;
82	+ }
83	+ break;
84	+
85	+ case 'week':
86	+ $firstWeekDay = date("Ymd", strtotime('monday this week'));
87	+ $lastWeekDay = date("Ymd", strtotime('sunday this week'));
88	+
89	+ if($timestamp >= $firstWeekDay && $timestamp <= $lastWeekDay) {
90	+ return true;
91	+ } else {
92	+ return false;
93	+ }
94	+ break;
95	+
96	+ case 'month':
97	+ if(date('Ym',strtotime($timestamp)) == date('Ym')) {
98	+ return true;
99	+ } else {
100	+ return false;
101	+ }
102	+ break;
103	+ }
104	}

readme.txt CHANGED Viewed

@@ -1,66 +1,109 @@
             === WP Armour - Honeypot Anti Spam Plugin ===
             Contributors: dnesscarkey
-            -
            Tags: anti-spam, block spam, gravity forms, bbpress, contact form 7
             Requires at least: 3.0
             Tested up to: 5.4.2
-            -
            Stable tag: 1.3
             License: GPLv2 or later
             License URI: https://www.gnu.org/licenses/gpl-2.0.html
-            -
            Uses Honepot revised technic to block spam bots effectively in Comments, Registration, BBPress Forums, Contact Form 7, Gravity Forms, Ninja Forms.
             == Description ==
-            -
            This plugins block spammer submissions using HoneyPot Technic. No Captcha or extra verification field hassle to the users. Only lets spam bots to suffer.
-            -
            <strong>What is HoneyPot ? </strong>
-            -
            As of now spam bots are unable to handle javascript and we exploit this point to add an extra fields to your forms. Since spam bots are not able to see that field, we check if that field exists or not. If that field doesn't exists we will block spam submission.
-            -
            <strong>It works with </strong>
-            -
            * BBPress
-            -
            * WP Comments
-            -
            * WP Registraton
-            -
            * BBPress Forum
-            -
            * Contact Form 7
-            -
            * Ninja Forms
-            -
            * Gravity Forms
-            -
            * Wp Forms
             <strong>Our other plugins</strong>
             * <a target="_blank" href="http://wordpress.org/extend/plugins/use-any-font">Use Any Font</a>
             * <a target="_blank" href="http://wordpress.org/plugins/wp-masonry-layout/">WP Masonry Layout</a>
             * <a target="_blank" href="http://wordpress.org/extend/plugins/any-mobile-theme-switcher/">Any Mobile Theme Switcher</a>
             * <a target="_blank" href="http://wordpress.org/extend/plugins/jquery-validation-for-contact-form-7/">Jquery Validation For Contact Form 7</a>
-            -
            * <a target="_blank" href="https://wordpress.org/plugins/email-checker/">Download
-            -
            Deliverability Email Validation</a>
             * <a target="_blank" href="http://wordpress.org/extend/plugins/add-tags-and-category-to-page/">Add Tags And Category To Page</a>
             * <a target="_blank" href="http://wordpress.org/extend/plugins/block-specific-plugin-updates/">Block Specific Plugin Updates</a>
             * <a target="_blank" href="http://wordpress.org/extend/plugins/featured-image-in-rss-feed/">Featured Image In RSS Feed</a>
-            -
            * <a target="_blank" href="http://wordpress.org/extend/plugins/html-in-category-and-pages/">.html in category and page url</a>
             == Installation ==
-            -
-            -
            1. Install the plugin and activate it. That's all it is needed.
-            -
            2. You can also access the settings from WP Armour menu.
             == Frequently Asked Questions ==
             = Forms i am using is not supported. Can you help ? =
-            -
            Ya, Please write to us and we will add support to it.
             = Do i need Captcha verification ? =
             No, with this plugin you don't need Captcha. Lets avoid hassle for common users.
             == Screenshots ==
 . Screenshot #1. WP Armour - Honeypot Anti Spam Settings.
             == Changelog ==
             = = 1.3 =
-            -
            * Rebranding
             = = 1.1 =
             * Removed unwanted settings.


1	=== WP Armour - Honeypot Anti Spam Plugin ===
2	Contributors: dnesscarkey
3	+ Tags: honeypot, block spam, gravity forms, bbpress, contact form 7
4	Requires at least: 3.0
5	Tested up to: 5.4.2
6	+ Stable tag: 1.4
7	License: GPLv2 or later
8	License URI: https://www.gnu.org/licenses/gpl-2.0.html
9
10	+ Uses honeypot trap to block spam bots effectively in Contact Form 7, Gravity Forms, Ninja Forms, Formidable Forms, Comments, Registration, BBPress Forums.
11
12	== Description ==
13	+ This plugins block spammer submissions using honeypot technic. No Captcha or extra verification field hassle to the users. Only lets spam bots to suffer using honeypot fields.
14
15	+ <strong>What is honeypot ? </strong>
16	+ As of now spam bots are unable to handle javascript and we exploit this point to add an extra fields to your forms using javascript. Since spam bots are not able to see that field, we check if that field exists or not. If that field doesn't exists we will block spam submission.
17
18	+ <strong>It works </strong>
19
20	+ * For BBPress
21	+ * For WP Comments
22	+ * For WP Registraton
23	+ * For BBPress Forum
24	+ * For Contact Form 7
25	+ * For Ninja Forms
26	+ * For Gravity Forms
27	+ * For WP Forms
28	+ * For Formidable Forms
29	+
30	+ <strong>How our plugin is different than other honeypot plugins ? </strong>
31	+
32	+ * Works for most of the forms and wordpress system including registation and comments. So All in one solution.
33	+ * Spam bots can't use javascript so we use javascript to insert honeypot field in the form and spam bots can't fill it to pass spam test.
34	+ * Unique honeypot field name generated for each wordpress installation, so it is hard for spam bots to make one fit for all solution to bypass honeypot spam test.
35	+
36	+ <strong>Support</strong>
37	+
38	+ If you have any issue, you can write to using our <a href="https://dineshkarki.com.np/forums/forum/wp-armour-honeypot-anti-spam" target="_blank">support forum.</a>
39
40	<strong>Our other plugins</strong>
41	+
42	* <a target="_blank" href="http://wordpress.org/extend/plugins/use-any-font">Use Any Font</a>
43	* <a target="_blank" href="http://wordpress.org/plugins/wp-masonry-layout/">WP Masonry Layout</a>
44	* <a target="_blank" href="http://wordpress.org/extend/plugins/any-mobile-theme-switcher/">Any Mobile Theme Switcher</a>
45	* <a target="_blank" href="http://wordpress.org/extend/plugins/jquery-validation-for-contact-form-7/">Jquery Validation For Contact Form 7</a>
46	+ * <a target="_blank" href="https://wordpress.org/plugins/email-checker/">Deliverability Email Validation</a>

47	* <a target="_blank" href="http://wordpress.org/extend/plugins/add-tags-and-category-to-page/">Add Tags And Category To Page</a>
48	* <a target="_blank" href="http://wordpress.org/extend/plugins/block-specific-plugin-updates/">Block Specific Plugin Updates</a>
49	* <a target="_blank" href="http://wordpress.org/extend/plugins/featured-image-in-rss-feed/">Featured Image In RSS Feed</a>

50
51
52	== Installation ==
53	+ 1. You can install plugin directly from Wordpress Plugin menu. Search for WP Armour - Honeypot Anti Spam plugin and click on Install OR you can download the plugin and install honeypot.zip from Upload Plugin button from Wordpress Plugin menu.
54	+ 2. You can also access the settings from WP Armour menu. From there you can change honeypot field name and honeypot spam submission message.
55	+ 3. Please check your forms, comments, bbpress, registration to confirm they are working after honeypot is placed.
56
57	== Frequently Asked Questions ==
58
59	+ = How this plugin is different than other honeypot plugins ? =
60	+
61	+ We have used the honeypot technic differently in this plugin to make it work better. What other plugin does is, they add honeypot field from server side (PHP) and check if the spam bot have filled that field or not. If it is filled it is marked as spam. But in our case, we add honeypot field from client side (Javascript) and check if honeypot field exists or not. Spam bots can't use javascript and honeypot field is not available for them. This way we can better trap spam bots.
62	+
63	+ = Will it block all the spam submission ? =
64	+
65	+ Spam submission are either created by spam bots or by manual submission from users. Honeypot trap is for spam bots only. So there won't be submission from spam bots.
66	+
67	= Forms i am using is not supported. Can you help ? =
68
69	+ Ya, Please write to us using <a href="https://dineshkarki.com.np/forums/forum/wp-armour-honeypot-anti-spam" target="_blank">support forum</a> and we will try to add honeypot support to it.
70	+
71	+ = How can i verify that honeypot is working in my forms ? =
72	+
73	+ Honeypot is a trap for spam bots, so it is not visible for users. However, you can disable javascript (almost all spam bots don't use javascript) and check if spam bots are being blocked or not.
74	+
75	+ = How can i verify that honeypot is working in my forms ? =
76	+
77	+ Honeypot is a trap for spam bots, so it is not visible for users. However, you can disable javascript (almost all spam bots don't use javascript) and check if spam bots are being blocked or not.
78
79	= Do i need Captcha verification ? =
80
81	No, with this plugin you don't need Captcha. Lets avoid hassle for common users.
82
83	+ = I am already using reCaptcha but still getting spam. Can this plugin stop spammers ? =
84	+
85	+ Yes. Spam bots are now able to solve the captcha puzzle. So they are no longer effective. Our plugin's javascript based honeypot field insertion can block them as spam bots can't use javascript.
86	+
87	+ = I see settings to change honeypot field name. Do i need to change it ? =
88	+
89	+ By default our plugin generates unqiue honeypot field name so that the slim chance of spam bots using the field to submit spam is more slimmer. This blocks them to create one for all type solution to bypass the honeypot field. But even in that case if you get spam bot submission, chaging the field name should work.
90	+
91	+ = Can i see what data spammers are trying to submit ? =
92	+
93	+ With WP Armour - Honeypot Anti Spam plugin it is No. But if you want you can extend WP Armour with WP Armour Extended plugin and can see what data spammers are trying to submit. It also have feature to block ip address if there are multiple submission from same IP.
94	+
95	== Screenshots ==
96
97	1. Screenshot #1. WP Armour - Honeypot Anti Spam Settings.
98	+ 1. Screenshot #2. WP Armour - Honeypot Anti Spam Statistics.
99
100	== Changelog ==
101	+ = = 1.4 =
102	+ * Added support for Formidable Forms
103	+ * Added honeypot spam statistics
104	+
105	= = 1.3 =
106	+ * Rebranding to WP Armour - Honeypot Anti Spam Plugin.
107
108	= = 1.1 =
109	* Removed unwanted settings.

screenshot-2.png ADDED Viewed

Binary file

wp-armour.php CHANGED Viewed

	@@ -4,7 +4,7 @@ Plugin Name: WP Armour - Honeypot Anti Spam
4	Plugin URI: http://wordpress.org/plugins/honeypot/
5	Description: Add Honey Pot spam protection.
6	Author: Dinesh Karki
7	- Version: 1.3
8	Author URI: https://dineshkarki.com.np
9	*/
10
	@@ -16,15 +16,18 @@ include 'includes/integration/wpa_wpregistration.php';
16	include 'includes/integration/wpa_contactform7.php';
17	include 'includes/integration/wpa_wpforms.php';
18	include 'includes/integration/wpa_gravityforms.php';

19
20	add_action('wp_enqueue_scripts','wpa_load_scripts');
21	add_action('login_enqueue_scripts','wpa_load_scripts');
22	add_action('admin_menu', 'wpa_plugin_menu');

23
24	register_activation_hook( __FILE__, 'wpa_plugin_activation' );
25
26	function wpa_plugin_activation(){
27	add_option('wpa_installed_date',date('Ymd'));
28	add_option('wpa_field_name','field'.rand(1,9999));
29	- add_option('wpa_error_message',' Spamming or your Javascript is disabled !!');

30	}


4	Plugin URI: http://wordpress.org/plugins/honeypot/
5	Description: Add Honey Pot spam protection.
6	Author: Dinesh Karki
7	+ Version: 1.4
8	Author URI: https://dineshkarki.com.np
9	*/
10

16	include 'includes/integration/wpa_contactform7.php';
17	include 'includes/integration/wpa_wpforms.php';
18	include 'includes/integration/wpa_gravityforms.php';
19	+ include 'includes/integration/wpa_formidable.php';
20
21	add_action('wp_enqueue_scripts','wpa_load_scripts');
22	add_action('login_enqueue_scripts','wpa_load_scripts');
23	add_action('admin_menu', 'wpa_plugin_menu');
24	+ add_action( 'wpa_handle_spammers','wpa_save_stats',10,1);
25
26	register_activation_hook( __FILE__, 'wpa_plugin_activation' );
27
28	function wpa_plugin_activation(){
29	add_option('wpa_installed_date',date('Ymd'));
30	add_option('wpa_field_name','field'.rand(1,9999));
31	+ add_option('wpa_error_message',' Spamming or your Javascript is disabled !!');
32	+ add_option('wpa_stats','{"total":{"today":{"date":"'.date('Ymd').'","count":0},"week":{"date":"'.date('Ymd').'","count":0},"month":{"date":"'.date('Ymd').'","count":0},"all_time":0}}');
33	}

WP Armour – Honeypot Anti Spam - Version 1.4

Version Description

Release Info

Code changes from version 1.3 to 1.4