spam-prevention
Spam & Bot Prevention for SaaS
Expert guidance for preventing spam signups, bot accounts, and abuse of registration and trial flows in SaaS applications.
Core Principles
- Layer defenses — no single technique stops all spam; combine multiple signals
- Minimize friction for real users — invisible protections first, visible challenges only when needed
- Fail closed on high-risk signals — block or queue for review rather than letting spam through
- Monitor and adapt — spammers evolve; your defenses must too
Defense Layers (Priority Order)
Layer 1: Invisible Protections (Zero Friction)
These run silently — real users never notice them.
Honeypot Fields
More from hwatkins/my-skills
elixir-tdd
Test-driven development enforcement for Elixir and Phoenix. Requires failing tests before implementation. Use when implementing features, fixing bugs, or when code quality discipline is needed.
23elixir-otp
OTP patterns for Elixir — GenServer, Agent, Task, ETS, supervision trees, Registry, and process design. Use when designing concurrent systems, stateful processes, or deciding when (and when NOT) to use processes.
8rust-tdd
Test-driven development enforcement for Rust. Requires failing tests before implementation. Use when implementing features, fixing bugs, or when code quality discipline is needed.
5rust-core
Expert Rust development with ownership, borrowing, lifetimes, traits, error handling, and idiomatic patterns. Use for any Rust code.
4rust-async
Async Rust with Tokio, futures, concurrency patterns, channels, and performance. Use when building async services, networking, or concurrent Rust applications.
4elixir-ecto
Expert Ecto patterns for Elixir — changesets, Multi, composable queries, migrations, optimistic locking, multi-tenancy, and railway-oriented programming with `with`. Use when working with databases or data validation in Elixir.
2