Blocking bad IPs with project honeypot

Events happening in the community are now at Drupal community events on www.drupal.org.
Amazon's picture

Hi, Drupal.org has been running project honeypot.

Today it was able to reduce between 5-10% of their traffic by blocking bad IPs. If you are running a high traffic site you might want to implement Project Honeypot. http://www.projecthoneypot.org

Comments

rule based blocking with mod_security

eli's picture

I'm impressed that it is so effective. I would've thought that blocking by IP address would be fruitless.

Have you ever tried mod_security? It's more of a rule-based system than Honeypot, though it can be set up to reference RBLs too. I just set it up on my server and I can't recommend it enough. I even configured it to talk to my iptables firewall so that really annoying problems (like the rogue crawlers that hit my site, making 10 reqs/sec) can be temporarily blocked before they even get to Apache.

That may explain it. Last

christefano's picture

That may explain it. Last week I got a simple banned message. I was already logged in, too, but I reloaded the page all was well.

Honeypot in Drupal 8 vs Drupal 7 User Security

mholmansr's picture

Hello,

I've done a new install of Honeypot on my Drupal 8 site after using it previously on Drupal 7.

Is it just me or is there a difference in Drupal 7 vs Drupal 8?

I thought I remembered in Drupal 7 that user could register be automaticallty assigned a Registration level and then, if they did not verify they could remain unregistered and Honeypot would delete them automatically.

I'm trying to get did i miss something or was there another module that did this or lastly is it just a difference in Drupal 8 vs Drupal 7.

Thank You for any direction you can provide.

Mike
http://holmans-world.com/drupal

Mike Holman
Holman's World
http://drupal.holmans-world.com/

High performance

Group notifications

This group offers an RSS feed. Or subscribe to these personalized, sitewide feeds: