The 2007-02-14 at 20:21 by Loïc d'Anterroches filed under Plume CMS.
If you have a blog, I recommend reading Stopping spambots with hashes and honeypots by Ned Batchelder. I have implemented some of the techniques he describes, and some of those presented in the comments, to control the comment spam on this website. In the past 3 days, I got 80 spam comments and 3 real comments with no false positives and no false negatives.
I will wait another week or so and then commit the code into the default spam filtering system of Plume CMS. Note that this system will never prevent someone from manually coming and writing spam in my comments; it is tuned against robots.
Comments from readers
Pierre said:
I read this article and found a couple of not-so-good ideas, especially about the accessibility of your website.
For instance, in the chapter "Making honeypots invisible", the author recommends using one of the methods, such as making the honeypot invisible in CSS, or too small, or using Javascript, etc.
But if you deactivate CSS, or if you're using a program like JAWS to read the content of your webpage, then the content may appear as a normal one, and you won't be able to post any comment because it will be treated as spam.
Fortunately, the latest method ("Leave the honeypots displayed like the other fields, but tell people not to enter anything into them.") is a good one; you can also use a system like Jimmac (http://jimmac.musichall.cz/weblog.php) does on his website, with a field asking "Are you an annoying spammer?", and the default value is "yes", then you just have to write "no", and the comment will be accepted automatically!
Well, just to say: beware of the accessibility of the webpages you're creating!
Loïc said:
Hi Pierre. Very good remarks. In fact, if you deactivate the CSS you will see that I have not included any of the non-accessible techniques. Accessibility is something I will never trade against possibly more security against spammers.
For the moment I am doing the following:
- Special field based on the server time to have a comment valid only 5 sec after the preview and up to 15 minutes (you need to go through the preview process and spend at least 5 sec to figure out what to do).
- Control of the number of URLs in the comment field.
- Control of the length of the comment.
- Control of the IP (blacklisted or not).
Thank you and I am happy to read that accessibility is part of the concerns of my readers!
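The four checks listed in the comment above, sketched in Python as an added example (this is not Plume CMS code and not from the original post). Signing the server-time field with an HMAC and binding it to the client IP are assumptions, as are the secret, the URL and length limits, and the sample blacklist entry; only the 5 second and 15 minute bounds come from the page.

```python
import hashlib
import hmac
import re

SECRET = b"constructed-demo-secret"   # assumption: per-site secret key
MIN_AGE, MAX_AGE = 5, 15 * 60         # seconds: the window given in the comment
MAX_URLS, MAX_LENGTH = 3, 5000        # assumed limits; the page gives no numbers
BLACKLIST = {"203.0.113.7"}           # constructed sample entry
URL_RE = re.compile(r"https?://", re.IGNORECASE)


def make_token(issued_at, ip):
    """Hidden-field value emitted with the preview page: 'timestamp:mac'."""
    msg = f"{issued_at}:{ip}".encode()
    mac = hmac.new(SECRET, msg, hashlib.sha256).hexdigest()
    return f"{issued_at}:{mac}"


def check_comment(token, ip, text, now):
    """Return the list of rejection reasons; an empty list means accept."""
    reasons = []
    if ip in BLACKLIST:
        reasons.append("ip-blacklisted")
    try:
        issued_str, mac = token.split(":", 1)
        issued_at = int(issued_str)
    except (AttributeError, ValueError):
        return reasons + ["token-malformed"]
    # Recompute the MAC server-side so a client cannot pick its own timestamp.
    expected = make_token(issued_at, ip).split(":", 1)[1]
    if not hmac.compare_digest(mac.encode(), expected.encode()):
        reasons.append("token-forged")
    else:
        age = now - issued_at
        if age < MIN_AGE:          # posted faster than a human reads a preview
            reasons.append("too-fast")
        elif age > MAX_AGE:        # stale preview, possibly a harvested form
            reasons.append("token-expired")
    if len(URL_RE.findall(text)) > MAX_URLS:
        reasons.append("too-many-urls")
    if not text.strip() or len(text) > MAX_LENGTH:
        reasons.append("bad-length")
    return reasons
```

None of these checks relies on hiding a field with CSS or Javascript, so the form behaves the same in a screen reader or with styles disabled.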