Laravel Honeypot is a package designed to help protect your Laravel applications from spam bots by adding a hidden form field that, when filled, indicates the submission is likely from a bot. It provides a simple and effective method to reduce spam submissions without inconveniencing genuine users.
You can install the package via composer:
composer require atendwa/laravel-honeypotYou can override the default options for the honeypot. First publish the honeypot.php configuration file:
php artisan vendor:publish --provider="Atendwa\Honeypot\HoneypotServiceProvider" --tag="config"Add the following variables in your .env file to use you custom configurations
HONEYPOT_ENABLED=TRUE
HONEYPOT_INPUT_NAME=mobile
HONEYPOT_TIME_INPUT_NAME=time_field
HONEYPOT_MINIMUM_SUBMISSION_DURATION=1 #time in seconds
-
Add the
prevent-spammiddleware to the routes you want to protect from spam bots.Route::post('/submit-comment', [commentController::class, 'store']) ->middleware('prevent-spam');
-
Add the
<x-honeypot::honeypot-fields/>blade component to the form body<form action="/submit-comment" method="POST"> @csrf <x-honeypot::honeypot-fields/> // other input fields </form>
composer testPlease see CHANGELOG for more information what has changed recently.
Please see CONTRIBUTING for details.
If you discover any security related issues, please email [email protected] instead of using the issue tracker.
The MIT License (MIT). Please see License File for more information.