The honeypot feature is not new to Gravity Forms, but we have made some enhancements to improve its effectiveness while also adding user controls that will allow you to specify how the honeypot handles spam submissions.
To enable, you will need to go to Form Settings for the forms you’d like this feature to be enabled on.
Like before, when enabled, the honeypot spam protection technique will function automatically and not require user interaction.
Enhanced Implementation Technique
The current PHP honeypot adds a hidden field to the form when the page loads, and if that field is populated, the honeypot considers the entry spam. This still exists and is not being replaced.
Once activated, a new setting will appear, allowing you to define what action you would like to take “if the honeypot flags a submission as spam“. The two options offered are
- Do not create an entry
- Create an entry and mark it as spam
If Do not create an entry is chosen, form submissions caught by the honeypot are not saved, and the form confirmations will display the default “Thanks for contacting us! We will get in touch with you shortly.” message instead of the forms configured confirmation.
If Create an entry and mark it as spam is chosen, form submissions caught by the honeypot are saved as entries but will be marked as spam on the entries list page. The form confirmation will display the default “Thanks for contacting us! We will get in touch with you shortly.” message instead of the forms configured confirmation.
The gform_abort_submission_with_confirmation filter can be used to determine if submissions are aborted without saving the entry.