Malin
c2a29ffbbe
- Require honeypot field presence (blocks direct POST bots) - Add HMAC-based JavaScript proof-of-work token via SubtleCrypto - Hook into woocommerce_process_registration_errors for proper validation - Add IP-based rate limiting (3 registrations/hour) via transients - Add timestamp validation (min 3s, max 2h) - Use realistic field names to avoid bot detection - Support WP core registration, comments, Elementor, Gravity Forms, CF7