Click here to read the latest newsletter!

Submit Your Site For Free!

Email Address:
* URL:
*
*Indicates Mandatory Field

Terms & Conditions

AntiSpamNews
SecurityProNews
ITmanagement






The Latest Internet News
Add Headlines for your site


Wordpress Honeypot Plug-in

By Dan Morrill
Expert Author
Article Date: 2007-05-04

From a security viewpoint, this little plug in for Wordpress is one of the more interesting little scripts you can dump onto your Wordpress blog, to see how many evil systems are trying to access your site.

From e-mail harvesters to spam commenter systems, this script is part of the "Adopt a Honeypot" project.
http:BL WordPress Plugin allows you to verify IP addresses of clients connecting to your blog against the Project Honey Pot database. Thanks to http:BL API you can quickly check whether your visitor is an email harvester, a comment spammer or any other malicious creature. Communication with verification server is done via DNS request mechanism, which makes the query and response even quicker. Now, thanks to http:BL WordPress Plugin any potentially harmful clients are denied from accessing your blog and therefore abusing it. Source: Stepien.com.pl
By matching known Project Honeypot IP Addresses against the people who are visiting your blog, and then allowing or denying access based on that return, you can control the type of person coming to your blog.

Drawbacks that are immediately visible are legitimate users, real PC's with real people behind them that have had their systems compromised by some form of malware. So if I ran a big Wordpress site I would use this with caution. If there is a logging capability in it I would log the IP addresses if they were known evil, and then figure out the ratio of good IP addresses against bad/evil IP addresses that are attaching to my site. Then depending on the percentage of good/evil would then see if I could afford to do this without ticking off my users or visitors.

You have to have a project Honeypot account to use their database, it might look suspicious if a major corporation with millions of users a day is hitting the Honeypot site. So depending again on size, and the ability of the Honeypot project to deal with the data load, this might also have to be used with caution, or somehow reimburse the Honeypot project for the use of their system.

It does not work well in a multi-blog environment yet, but they are working on it. You will have to initialize the plug in for each Wordpress blog in the multi-user version of the software.

With some caution and some test trials, it makes an interesting plug in for Wordpress that would be worth checking out. Depending on what the next round of updates, and how well the backend Honeypot project handles the influx of data from users of this plug-in, the usefulness of the plug-in will be interesting to see.

Comments
About the Author:
Dan Morrill has been in the information security field for 18 years, both civilian and military, and is currently working on his Doctor of Management. Dan shares his insights on the important security issues of today through his blog, Managing Intellectual Property & IT Security, and is an active participant in the ITtoolbox blogging community.


Newsletter Archive | Article Archive | Submit Article | Advertising Information | About Us | Contact


AntiSpamNews is an iEntry, Inc. ® publication - All Rights Reserved Privacy Policy and Legal