Stack Overflow
Stack Overflow

Questions tagged [honeypot]

A trap set to detect or deflect attempts to hack a site or system.

In cybersecurity systems, a preemptive measure to assuage the damage an intruder may do upon a system is the honeypot.

In essence, this method is accomplished by the following (albeit humorous) example:

An IT administrator creates a dummy folder named PASSWORDS, which when accessed immediately prevents further access of files from said user account and alerts the administrators of the data server.

Because intruders upon cyber systems are often looking for personal information such as passwords, this colloquially could be seen as a "honeypot" to them. And as such, it is a tempting piece of bait upon which once it is accessed, they are immediately kicked from the system and the issue may be investigated to prevent further intrusions.

126 questions
101
votes
4 answers

Better Honeypot Implementation (Form Anti-Spam)

How do we get rid of these spambots on our site? Every site falls victim to spambots at some point. How you handle it can effect your customers, and most solutions can discourage some people from filling out your forms. That's where the honeypot…
Nicholas Summers
  • 4,444
  • 4
  • 19
  • 35
61
votes
11 answers

How can I throttle user login attempts in PHP

I was just reading this post The definitive guide to form-based website authentication on Preventing Rapid-Fire Login Attempts. Best practice #1: A short time delay that increases with the number of failed attempts, like: 1 failed attempt = no…
JasonDavis
  • 48,204
  • 100
  • 318
  • 537
36
votes
4 answers

How effective is the honeypot technique against spam?

By "honeypot", I mean more or less this practice: #Register form
Your email: Choose a…
Strae
  • 18,807
  • 29
  • 92
  • 131
16
votes
5 answers

How do I add Honey pot fields to my forms?

I've been reading about adding Honey pot fields to my forms for combating bots/spam. Only problem is theirs no guides or anything on where to start. Many sites say to make a field that is hidden that only the spam bot would fill out. But as I'm new…
LearningRoR
  • 26,582
  • 22
  • 85
  • 150
10
votes
1 answer

Honeypot implementation

Trying to filter out spam from an online form. I have a hidden div with an input. The idea is that if something goes into the field, the form will ID the user as a bot and reject the submission. After trying to implement this method, the bots…
blackessej
  • 706
  • 1
  • 17
  • 35
9
votes
2 answers

Interview question: Honeypots and web crawlers

I was recently reading a book as prep for an interview and came across the following question: What will you do when your crawler runs into a honey pot that generates an infinite subgraph for you to wander about? I wanted to get some solutions to…
OckhamsRazor
  • 4,824
  • 13
  • 51
  • 88
6
votes
2 answers

Advice for use of honeypot img tag to detect scrapers / bad bots

We want to setup a little honeypot image in our html bodies to detect scrapers / bad bots. Has anyone set something like this up before? We were thinking the best way to go at it would be to: a) Comment the html out via: