prevent spam

[JohnRDOrazio]

any website that allows for user registration and login, and handles email addresses, is subject to spam registrations and spam posts. This is especially a problem for larger more well known platforms such as WordPress, which have a well known pattern of usage. However, we should probably keep in mind that this might be a problem.

There are a few gems that help deal with this:

1. https://github.com/cmaxw/project-honeypot - though the honeypot makes checks against a centralized database that is constantly updated, and works very well, I've had the experience in WordPress that it worked too well, to the point of blacklisting my own IP address in the centralized honeypot database when trying to log into my own website as administrator! I wasn't the only one having this trouble, other users tried to let the plugin creator know there was a problem, but I don't believe he ever acknowledged it. At least not right away, I wound up in fact just removing his plugin and finding a paid subscription plugin that actually worked, I didn't want to be getting into discussions whether I was a legitimate user or not and whether it was actually a problem in the plugin or not. In any case, that most likely was a problem with the plugin itself, and not with the honeypot project or centralized database, so this could very well be a good option for a Rails project.
2. https://github.com/markets/invisible_captcha - this should create an invisible form field that humans would never fill in, but spambots will fall for
3. https://github.com/joshfrench/rakismet - paid subscription, similar to WordPress, seems to be quite effective