Types of honeypots

Types of honeypots, traps embedded in a website’s code or form that real users don’t see or interact with, but bots might. When bots trigger them, Tapper flags or blocks them as likely invalid traffic.

Here’s a breakdown of each:

🕳️ Honeypot Types (What They Are & Why They're Useful)

1. HIDDEN_FORM_SUBMISSION = 0

A full form that is visually hidden. Bots may autofill and submit it. Legitimate users never see it.

2. HIDDEN_TEXT_INPUT = 1

A hidden text field (e.g., fake "first name" input). Bots often fill every field they detect, including hidden ones.

3. HIDDEN_CHECKBOX_INPUT = 2

A hidden checkbox. If it’s checked on submission, likely a bot.

4. HIDDEN_RADIO_INPUT = 3

Same concept as above but using radio buttons. Bots may randomly select options.

5. HIDDEN_BUTTON_CLICK = 4

A hidden button. If clicked, indicates bot behavior (e.g., auto-clickers or headless browsers).

6. FORM_SUBMISSION_TIME_BASED_TRAP = 5

If a form is submitted too quickly after loading (e.g., <2 seconds), it’s suspicious — humans take time to read/fill forms.

7. JS_VARIABLE_WRITE = 6

A hidden JS variable (e.g., window.__honeypotTriggered = true). Bots that execute JavaScript or manipulate variables might overwrite it — revealing themselves.

8. HIDDEN_LINK_CLICK = 7

A hidden hyperlink. If clicked, likely a bot navigating DOM elements without visual context.

**

Updated on: 19/05/2025