← Back to all products
$19
Spam Prevention
Multi-layer spam protection with honeypots, HMAC time traps, rate limiting, and content analysis.
JSONMarkdownPython
📄 Product Preview
Try the interactive reader and demo tools below, or get the full product with all content unlocked.
📖 Interactive Reader (Free Preview) ⚙ Try Demo Tools 📦 Download Free Sample📁 File Structure 10 files
spam-prevention/
├── LICENSE
├── README.md
├── examples/
│ └── spam_config.json
├── free-sample.zip
├── guide/
│ ├── 01_features.md
│ ├── 02_cli-reference.md
│ ├── 03_programmatic-usage.md
│ └── 04_license.md
├── index.html
└── src/
└── spam_prevention.py
📖 Documentation Preview README excerpt
Spam Prevention
Multi-layer form spam protection — honeypots, HMAC time traps, rate limiting, IP blocking, and content analysis. Pure Python, zero dependencies.
Part of the [Form Forge](https://form-forge.codevault.dev) toolkit by CodeVault.
Features
- Honeypot fields: hidden form fields that catch automated bots
- HMAC time traps: cryptographic timestamps that reject submissions that are too fast or too old
- Rate limiter: JSON-backed per-IP rate limiting with configurable windows
- IP blocklist: block individual IPs or entire /24 subnets
- Content analysis: detect spam phrases, excessive URLs, ALL CAPS, and repetitive characters
- CAPTCHA hooks: integration points for external CAPTCHA services
- Layered scoring: each layer contributes a spam score — threshold-based accept/reject
- Python 3.10+ stdlib only — no pip installs required
Quick Start
# Check a form submission for spam
python src/spam_prevention.py --check '{"email": "user@example.com", "message": "Buy cheap stuff now!!!"}'
# Generate a honeypot field
python src/spam_prevention.py --generate-honeypot
# Generate an HMAC timestamp token
python src/spam_prevention.py --generate-timestamp
# Block an IP address
python src/spam_prevention.py --block-ip 192.168.1.100
# Unblock an IP address
python src/spam_prevention.py --unblock-ip 192.168.1.100
# Run the built-in demo
python src/spam_prevention.py --demo
CLI Reference
| Flag | Description |
|---|---|
--check JSON | Check a submission JSON string for spam |
--generate-honeypot | Generate a hidden honeypot field HTML snippet |
--generate-timestamp | Generate an HMAC-signed timestamp token |
--block-ip IP | Add an IP to the blocklist |
--unblock-ip IP | Remove an IP from the blocklist |
--demo | Run a built-in demo of all spam prevention layers |
Protection Layers
1. Honeypot Fields
Hidden form fields invisible to real users but filled by bots:
<!-- Generated by spam_prevention.py -->
<div style="position:absolute;left:-9999px;" aria-hidden="true">
<input type="text" name="website_url_confirm" tabindex="-1" autocomplete="off">
*... continues with setup instructions, usage examples, and more.*
📄 Code Sample .py preview
src/spam_prevention.py
#!/usr/bin/env python3
"""
Spam Prevention — Form Anti-Spam Toolkit
==========================================
Multiple layers of defense against form spam: honeypot fields,
time-based traps, rate limiting, IP blocking, CAPTCHA integration
hooks, and content analysis. No external dependencies.
Part of the Form Forge toolkit by DataNest.
License: MIT
"""
from __future__ import annotations
import argparse
import hashlib
import hmac
import json
import logging
import os
import re
import secrets
import sys
import time
from dataclasses import dataclass, field
from datetime import datetime, timezone
from typing import Any
logging.basicConfig(level=logging.INFO, format="%(levelname)s: %(message)s")
logger = logging.getLogger(__name__)
# ---------------------------------------------------------------------------
# Constants
# ---------------------------------------------------------------------------
RATE_LIMIT_DIR = "spam_data"
DEFAULT_SECRET_KEY = "CHANGE_ME_IN_PRODUCTION_" + secrets.token_hex(16)
# Common spam phrases (case-insensitive matching)
SPAM_PHRASES = [
"buy now", "click here", "free money", "act now", "limited time",
"congratulations you won", "make money fast", "earn extra cash",
"viagra", "cialis", "casino online", "poker online",
"nigerian prince", "wire transfer", "western union",
"seo services", "link building", "backlinks cheap",
"crypto investment", "guaranteed profit", "double your money",
]
# URL spam thresholds
MAX_URLS_IN_MESSAGE = 3
URL_PATTERN = re.compile(r"https?://\S+", re.IGNORECASE)
# ... 488 more lines ...