Anti spam honey pot - Printable Version +- CodeIgniter Forums (https://forum.codeigniter.com) +-- Forum: Using CodeIgniter (https://forum.codeigniter.com/forumdisplay.php?fid=5) +--- Forum: Libraries & Helpers (https://forum.codeigniter.com/forumdisplay.php?fid=11) +--- Thread: Anti spam honey pot (/showthread.php?tid=63141) Pages:
1
2
|
RE: Anti spam honey pot - peterm87 - 03-30-2016 Greet addon! Some bots can get through the CSRF protection in some way, so this is a nice extra security for bots. I had some issues with our excluded CSRF URIs so I fix this by adding the following core code to the function honey_pot_verify in MY_Security.php: PHP Code: // Check if URI has been whitelisted from CSRF checks So this is new function code: PHP Code: public function honey_pot_verify() RE: Anti spam honey pot - peterm87 - 03-30-2016 (02-29-2016, 05:35 AM)ardavan Wrote: Hey @Martin7483, Hi @ardavan, You can test it by filling in some value in the hidden input field using the browser developers tool like in Google Chrome by pressing F12 and then sent the form. RE: Anti spam honey pot - Martin7483 - 04-07-2016 Hi, Thanks for the update. Sorry for the late reply Been very busy with work and family stuff. But will be here more from now on RE: Anti spam honey pot - Martin7483 - 06-20-2017 It has been a while, but I have recently come a cross an issue with the honey pot. I never created an expire time for the token. Update the ./config/config.php file and add PHP Code: $config['honey_pot_expire'] = 3600; Update the ./core/MY_Security.php file and add the following lines PHP Code: protected $_honey_pot_expire; // The time the token remains valid for. Default is 1 hour The code provided in the OP has also been updated RE: Anti spam honey pot - jj.ranran225566 - 07-10-2022 Can we use $config['honey_pot_exclude_uris'] like the CSRF exclude URI? I really need this exclusion cause I need the honey pot for just some url but not the whole website which currently, it checks the honey pot for all urls. |