-
Type:
Story
-
Status: Closed (View Workflow)
-
Priority:
Major
-
Resolution: Fixed
-
Affects Version/s: 2.4 Larks
-
Fix Version/s: 2.6 Larks
-
Labels:None
-
Sprint:2.6 Larks
As an Owner I'd like to be secured from bots so that I'm not flooded with spam
Honeypot is a popular technique that works like that:
- We put an invisible field on form (display: none)
- If the field was filled, then it's a bot that fills all the fields on form
Acceptance Criteria:
- There is invisible field in both registration forms (pop up and registration page).
- If the bot is detected (invisible field is filled with some data), user sees a pop up message like "Invalid request!". Bot is redirected to the main page.
- Info about bot (IP, email and user-agent) is wrote to the application log (to prevent bot activity in future).
- relates to
-
-
- Closed
-
