Honeypot for Contact Form 7


This simple addition to the wonderful Contact Form 7 (CF7) plugin adds basic honeypot anti-spam functionality to thwart spambots without the need for an ugly captcha.

The principle of a honeypot is simple — bots are stupid. While some spam is hand-delivered, the vast majority is submitted by bots scripted in a specific (wide-scope) way to submit spam to the largest number of form types. In this way they somewhat blindly fill in fields, regardless of whether the field should be filled in or not. This is how a honeypot catches the bot — it introduces an additional field in the form that if filled out will cause the form not to validate.

Follow us on Twitter and on Facebook for updates and news.

La ayuda está aquí.

Visit the Honeypot for Contact Form 7 plugin page for additional information or to buy us a coffee to say thanks.


Si quieres traducir este plugin, visita la pagina del plugin en translate.wordpress.org. A partir de la versión 1.10, toda las traducciones se gestionan allí. ¡Gracias a los políglotas que contribuyen!


If you are using CF7 3.6+, use the latest version of this plugin. If you are using an older version of CF7, you will need to use CF7 Honeypot v1.3.


  1. Instálalo usando la característica «Añadir plugin» de WordPress — simplemente busca «Señuelo para Contact Form 7».
  2. Confirma que Contact Form 7 está instalado y activado. Luego activa este plugin.
  3. Edita un formulario de Contact Form 7.
  4. Choose «Honeypot» from the CF7 tag generator. Recommended: change the honeypot element’s ID.
  5. Insert the generated tag anywhere in your form. The added field uses inline CSS styles to hide the field from your visitors.

Video de instalación y uso

For the more visually-minded, here is a short video showing how to install and use CF7 Honeypot from the fine folks at RoseApple Media. Note: This video was not produced by the CF7 Honeypot developer.

Modificando el HTML producido por Honeypot [AVANZADO]

Aunque los ajustes básicos deberían contentar a la mayoría de las personas, hemos añadido varios filtros para que puedas personalizar aún más el campo del señuelo. Los tres filtros disponibles son:

  • wpcf7_honeypot_accessibility_message – Adjusts the default text for the (hidden) accessibility message.
  • wpcf7_honeypot_container_css – Adjusts the CSS that is applied to the honeypot container to keep it hidden from view.
  • wpcf7_honeypot_html_output – Adjusts the entire HTML output of the honeypot element.

Para ejemplos de lo anterior puedes ver esta receta en gist


¿Evitará este módulo todo mi spam de formularios de contacto?

  • Probablemente no, pero debería reducirlo a un nivel en el que no necesites ninguna medida adicional contra el el spam (CAPTCHA, preguntas de matemáticas, etc.).

¿Son los honeypots mejores que los CAPTCHAs?

  • This largely depends on the quality of the CAPTCHA. Unfortunately the more difficult a CAPTCHA is to break, the more unfriendly it is to the end user. This honeypot module was created because we don’t like CAPTCHAs cluttering up our forms. Our recommendation is to try this module first, and if you find that it doesn’t stop enough spam, then employ more challenging anti-spam techniques.

¿Puedo modificar el HTML que produce este plugin?

  • ¡Sip! Puedes ver la sección de Instalación para más detalles o ejemplos en este gist.

Mi formulario no se está validando con la herramienta de validación W3C

  • This is by design, and we recommend leaving this validation error for enhanced improvement of the plugin. However, there is a simple work around. See here for details.


26 de diciembre de 2020
Yes, well, the last year the amount of spam has bin through the roof, but if you configure this plugin correct; you can actually stop spam. I'm not saying how exactly, because you know spammers read too, but quite a few repeats of a honeypot here and there does the trick. Be creative 🙂
14 de septiembre de 2020
Honepots are very user friendly in comparison to captcha. But it happens more and more often, that bots can recognize this honey pots. Better use unique names and maybe 2 or more. It still can reduce a big amount of spam. So for me still helpful!
18 de junio de 2020
Tried all the tricks with this app for trying to fake out the bots, but the spam still keeps coming. Looks like adding recaptcha is the best solution and in my experience, WP forms is doing a better job.
Leer todas las 85 reseñas

Colaboradores y desarrolladores

«Honeypot for Contact Form 7» es un software de código abierto. Las siguientes personas han colaborado con este plugin.


«Honeypot for Contact Form 7» ha sido traducido a 18 idiomas locales. Gracias a los traductores por sus contribuciones.

Traduce «Honeypot for Contact Form 7» a tu idioma.

¿Interesado en el desarrollo?

Revisa el código , echa un vistazo al repositorio SVN o suscríbete al registro de desarrollo por RSS.

Registro de cambios


Minor update to change name to comply with CF7 copyright notice.


Added do-not-store for when forms are stored in the DB (i.e. Flamingo). Improved wrapper ID masking and customization.


Additional functionality to improve spam-stopping power.


Introduces ability to force W3C compliance. See here for details.


Addresses accessibility concerns regarding a missing label and disables autocomplete to prevent browser autocomplete functions from filling in the field.


Updates for Function/Class changes related to CF7 4.6. Removed plugin local language support, instead use translate.wordpress.org.


Added i18n support, French language pack. Thx chris-kns


Added wpcf7_honeypot_accessibility_message and wpcf7_honeypot_container_css filters, i18n support.


Provides backwards compatibility for pre-CF7 4.2, introduces ability to remove accessibility message.


Quick fix release to fix PHP error introduced in 1.6.3.


Updates to accommodate changes to the CF7 editor user interface.


Small change to accommodate validation changes made in CF7 4.1.


Small change to accommodate changes made in CF7 3.9.


Quite a lot of code clean-up. This shouldn’t result in any changes to the regular output, but it’s worth checking your forms after updating. Also, you’ll note that you now have the ability to add a custom CLASS and ID attributes when generating the Honeypot shortcode (in the CF7 form editor).


Added filter hook for greater extensibility. See installation section for more details.


Update to make compatible with WordPress 3.8 and CF7 3.6. Solves problem of unrendered honeypot shortcode appearing on contact forms.


Update to improve outputted HTML for better standards compliance when the same form appears multiple times on the same page.


Small update to add better i18n and WPML compatibility.


Small update for W3C compliance. Thanks Jeff.


  • Versión inicial.