Honeypot Toolkit

You can use this plugin to protect your website from spam comments, bots scraping your email addresses to be spammed, brute force login attempts, and hackers searching for vulnerabilities.

When the option is checked to use Project Honeypot it checks the Project Honeypot Http:BL with a DNS query in the background to see if the visitor’s IP address is on the list. You can set the minimum threat score and number of days since last seen. You can find out more information on the Http:BL at https://www.projecthoneypot.org/httpbl.php. You will need to sign up for an access key at https://www.projecthoneypot.org/httpbl_configure.php.

After you sign up for Project Honeypot you can set up your honeypot script at https://www.projecthoneypot.org/manage_honey_pots.php and enter the URL on the settings page. Then your honeypot link will be randomly placed on your pages to get spambots to use it.

When the option to use Spamcop is it checks the Spamcop blacklist to block spammers. Their service does not require any special access or API keys. Just check the box to use Spamcop and everything is in place. This is done with a DNS query just like the Project Honeypot service. The only thing done on the backend is a query to your local DNS server.

Another function of this plugin is to monitor bad logins and 404 errors. You can set the maximum for both of these before an IP gets blocked, how long the IP will be blocked, and the amount of time the user has to reach the limit.

When a visitor is blocked an HTTP status code is returned. By default it is a 503 error so that it looks like your site has gone down. You can set the status code to a number of other codes if you want.