
Hasty Treat - Forms, Captchas, Honeypots, Dealing With Malicious Users and the Sad State of Contact Forms

Author
Wes Bos & Scott Tolinski - Full Stack JavaScript Web Developers
Published
Mon 06 Jul 2020
Episode Link
https://traffic.libsyn.com/secure/syntax/Syntax263.mp3

In this Hasty Treat, Scott and Wes talk about forms, captchas, dealing with malicious users, and more!
LogRocket - Sponsor
LogRocket lets you replay what users do on your site, helping you reproduce bugs and fix issues faster. It’s an exception tracker, a session re-player and a performance monitor. Get 14 days free at logrocket.com/syntax.
Show Notes
02:00 - So you made a form:
Contact form
Sales form
Email signup for newsletter
Bug report
Sign up for an account
Password reset
03:00 - Now someone is going to:
Have a bot that submits it
Maliciously write a bot that submits thousands
04:14 - So what can you do?
04:54 - Honeypot
This is a field that is either hidden or you tell the user not to fill in
Can goof up autofill
Works in many cases
07:37 - IP Throttle
Only allow each IP to do an action a certain number of times inside a window
You may only try signing up once per 10 mins
09:48 - Block known ASN
12:37 - Captcha
Soft captcha: “What is 1 plus 1?”
Annoying captcha: Type these letters
Google captcha: Train our self-driving cars
Hidden captcha
Cloudflare hCaptcha
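
The honeypot and per-IP throttle from the notes above, combined into one server-side check. This is an added example, not code from the episode: the names `createFormGuard` and `demo`, the honeypot field name `website`, and the sample addresses and form data are assumptions, while the default of one submission per 10 minutes follows the notes.

```javascript
// Added example, not from the episode. createFormGuard and the "website"
// honeypot field name are hypothetical; defaults follow the notes (1 per 10 min).
function createFormGuard({ limit = 1, windowMs = 10 * 60 * 1000, honeypotField = "website" } = {}) {
  const hits = new Map(); // ip -> timestamps (ms) of accepted submissions

  // ip must be the address your edge actually saw; behind a reverse proxy,
  // take it from the proxy you trust, never from a client-supplied header.
  function check(ip, fields, now = Date.now()) {
    // Honeypot: humans never see this field, so any value means a bot filled it.
    const trap = fields[honeypotField];
    if (typeof trap === "string" && trap.trim() !== "") {
      return { ok: false, reason: "honeypot" };
    }
    // Sliding window: keep only timestamps younger than windowMs, then count.
    const recent = (hits.get(ip) || []).filter((t) => now - t < windowMs);
    if (recent.length >= limit) {
      hits.set(ip, recent);
      return { ok: false, reason: "throttled", retryAfterMs: windowMs - (now - recent[0]) };
    }
    recent.push(now);
    hits.set(ip, recent);
    return { ok: true, reason: null };
  }

  // Call periodically so addresses that stopped submitting do not accumulate.
  function sweep(now = Date.now()) {
    for (const [ip, times] of hits) {
      if (times.every((t) => now - t >= windowMs)) hits.delete(ip);
    }
    return hits.size;
  }

  return { check, sweep };
}

// Constructed sample submissions (documentation-range IPs, made-up form data).
function demo() {
  const guard = createFormGuard();
  const t0 = 1700000000000;
  const human = { email: "a@example.com", website: "" };
  const bot = { email: "b@example.com", website: "http://spam.example" };
  return [
    guard.check("203.0.113.7", human, t0),             // first signup: accepted
    guard.check("203.0.113.7", human, t0 + 60000),     // 1 min later: throttled
    guard.check("198.51.100.9", bot, t0),              // honeypot filled: rejected
    guard.check("203.0.113.7", human, t0 + 600000),    // window elapsed: accepted
  ];
}
```

The honeypot input still has to be rendered in the form and hidden from real users; the in-memory map only works for a single process, so a shared store is needed once the form is served by more than one instance.
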
Links

Cloudflare

Digital Ocean

Google reCaptcha

Cloudflare hCaptcha

Cloudinary

Tweet us your tasty treats!

Scott’s Instagram

LevelUpTutorials Instagram

Wes’ Instagram

Wes’ Twitter

Wes’ Facebook

Scott’s Twitter

Make sure to include @SyntaxFM in your tweets
