HTML Logo by World Wide Web Consortium (www.w3.org). Click to learn more about our commitment to accessibility and standards.

Moving forward with Composr

ocPortal has been relaunched as Composr CMS, which is now in beta. ocPortal 9 will be superseded by Composr 10.

Head over to compo.sr for our new site, and to our migration roadmap. Existing ocPortal member accounts have been mirrored.


Has anyone implemented a honey pot on their site?

Login / Search

 [ Join | More ]
 Add topic 
Posted
Rating:
#82952 (In Topic #17276)
Avatar

Community saint

Just curious to see if anyone has implemented a honey pot from Project Honey Pot on their site and how difficult/easy it is to do.

For all you master coders out there, this would be an excellent add-on, feeding information on "bad actors" back to the Honey Pot which in turn could be used to identify problems in the future. Ideally, this would get full-support from Chris as part of the spammer database feature request but I am wondering if anyone has taken the first step of creating a honey pot for their site.

Bob
Back to the top
 
Posted
Rating:
#82960
Avatar

Community saint

Back when I had a dedicated server and 12 domains, I had set up several honeypots and also donated many honeypot MX entries. Basically, you create a page that contains the honeypot and provide an invisible-to-humans, but not bots, link to that honeypot page on another page.

This http://www.projecthoneypot.org/faq.php#c has more info on all that.

Steve
Back to the top
 
Posted
Rating:
#82961
Avatar

Community saint

Hi Steve-

Was it effective? Did you catch many bad actors with your honey pots? Did it have a noticeable impact on site performance?

I'm thinking that this is the way to go when and if Chris attacks the spammer database feature request. Project Honey Pot now tracks spammers, botnets, user-agents (similar to what Bad Behavior does) and email harvesters. Using this as the source of any "spammer database" would seem to be a really good solution and incorporating the honey pots would, of course, help to feed PHP's information.

Bob
Back to the top
 
Posted
Rating:
#82964
Avatar

Community saint

Back when I was participating, the honeypot project was just harvesting spammer data. I don't remember any negative performance issues. I'm sure things has change in the 7 or 8 years since then.

Steve
Back to the top
 
Posted
Rating:
#82967
Avatar

Community saint

LOL I suspect they have. It's interesting to go to their site and see the activity they are capturing daily.

Bob


Last edit: by BobS
Back to the top
 
Posted
Rating:
#82975
Avatar

Community saint

So, I have either bravely or foolishly set up a honeypot on my site. No obvious degradation to performance. Now to see if I catch anyone. It seems so many threats are caught by Cloudflare although I did have someone from Russia take the time to enter then CAPTCHA and then sneak around the polls and forums areas.

Bob
Back to the top
 
Posted
Rating:
#82995
Avatar

Community saint

Since I am feeling adventurous, I decided to donate an MX entry to Project Honey Pot. Here's hoping I did it right. It hasn't crashed my site yet.

Bob
Back to the top
 
Posted
Item has a rating of 5 (Liked by JeanLiked by Robbie Goacher)  
Rating:
#82997
Avatar

Community saint

BobS said

Since I am feeling adventurous, I decided to donate an MX entry to Project Honey Pot. Here's hoping I did it right. It hasn't crashed my site yet.

Bob
The World Wide Web is still working so I guess you did it right.

Steve
Back to the top
 
Posted
Rating:
#83023
Avatar

Community saint

LOL  I got a message this morning saying it was set up properly. Now I want to see how well this works. I will hopefully be disappointed because Cloudflare is doing a good job of keeping bad actors aways from the site.

Bob
Back to the top
 
1 guests and 0 members have just viewed this: None
Control functions:

Quick reply   Contract

Your name:
Your message: