After installing and activating the plugin the first thing you need to do is go to the settings page located under the Honeypot Toolkit item in the wordpress admin menu. Below is a screenshot of the page to show you what it looks like.

Project Honeypot Settings

The first set of options is titled Project Honeypot. This is where you set up the options for your Project Honeypot account. By checking the Use Project Honeypot checkbox a DNS query will be done at page load time to check the visitors IP to see if it is on the Project Honeypot Http:BL and you can set your honeypot script location to be inserted into your pages.

You will need to go to https://www.projecthoneypot.org/ to sign up for an account. Then you need to go to https://www.projecthoneypot.org/manage_honey_pots.php and follow the instructions to set up your honeypot. After you have set up the script you enter the address of your script in the Honeypot Path input field. This will automatically insert a hidden link in your pages pointing to your honeypot script.

If you want to use the Http:BL from Project Honeypot to block visitors who have been identified as spammers then you will need to get an access key at https://www.projecthoneypot.org/httpbl_configure.php. After you get the access key you enter it in the Project Honeypot API Key input field.

After you have entered the access key you can set the Max Days input to set the maximum number of days since the last activity was seen from that IP. If the IP hasn’t been seen by Project Honeypot for 20 days and you have the max days set to 19 or lower then the IP will not be blocked.

Next you can set the Threat Score input to set the minimum threat score that will be blocked. If the IP has a threat score of 20 and you have set the threat score to 20 or below then the IP will be blocked.

Last you can set the Check Interval input to set the interval in days when the IP addresses blocked by the Http:BL to make sure it is still on the list. This is done in the background automatically.

Spamcop

There is only one option to use Spamcop. If you want to use the Spamcop block list to block visitors you just need to check the checkbox. This will do a DNS query at page load time to check the visitors IP to see if it is on the Spamcop block list.

Whitelist

If you choose to block everyone from your site except yourself you can select Yes for the Only Allow Whitelist input and add your IP address to the Whitelist. You can also add IP addresses to the whitelist if you want to limit access to a specific list of IP addresses and then enter those addresses on the Whitelist.

Login

To monitor failed login attempts and ban certain usernames check the checkbox labeled Monitor Login.

If you check Monitor Login you can set the limit of failed login attempts before an IP address is banned temporarily by entering the limit in Login Limit.

In the input field labeled Time Span you can enter the amount of time in seconds since the last failed login before the limit will be reset for an IP. So if you have the timespan set to 86400 and a visitor fails the set number of times within one day their IP address will be blocked.

In the input field labeled Block Time you can enter the amount of time in seconds that an IP address is blocked if a visitor reaches the limit and is blocked. So if you have this set to 604800 then a user will be blocked for one week if they reach the limit.

If you choose Yes for the input labeled Show Failed Count then the visitor will see the number of failed login attempts they have left before they will be blocked.

In the textarea labeled Banned Usernames you can enter any usernames that will automatically get a visitor blocked. Bots will typically try usernames like admin or test to see if they can get logged in. By banning these usernames any bot that tries those users will automatically be blocked.

404

To monitor 404 errors you can check the checkbox labeled Monitor 404. This can help block bots that scan your site looking for known exploits.

If you check Monitor 404 you can set the limit of 404 errors before an IP address is banned temporarily by entering the limit in 404 Limit.

In the input field labeled Time Span you can enter the amount of time in seconds since the last 404 error before the limit will be reset for an IP. So if you have the timespan set to 86400 and a visitor generates the set number of 404 errors within one day their IP address will be blocked.

In the input field labeled Block Time you can enter the amount of time in seconds that an IP address is blocked if a visitor reaches the limit and is blocked. So if you have this set to 604800 then a user will be blocked for one week if they reach the limit.

Response

With the select box labeled Response Code you can set the HTTP response code that will be sent when a user has been blocked.

Use the calculator below to convert any amount of time into seconds for use on the settings page.

Time Conversion Calculator