From 4b6c0e31385f5f27a151088c0a2b614495c4e589 Mon Sep 17 00:00:00 2001 From: Paul Duncan Date: Thu, 14 Oct 2021 12:47:50 -0400 Subject: initial commit, including theme --- ...15-project-honey-pot-bindings-php-and-ruby.html | 74 ++++++++++++++++++++++ 1 file changed, 74 insertions(+) create mode 100644 content/posts/2007-10-15-project-honey-pot-bindings-php-and-ruby.html (limited to 'content/posts/2007-10-15-project-honey-pot-bindings-php-and-ruby.html') diff --git a/content/posts/2007-10-15-project-honey-pot-bindings-php-and-ruby.html b/content/posts/2007-10-15-project-honey-pot-bindings-php-and-ruby.html new file mode 100644 index 0000000..b176ae8 --- /dev/null +++ b/content/posts/2007-10-15-project-honey-pot-bindings-php-and-ruby.html @@ -0,0 +1,74 @@ +--- +date: "2007-10-15T03:17:18Z" +title: Project Honey Pot Bindings (PHP and Ruby) +--- + +

Project Honey Pot is a DNSRBL to preemptively block comment +spammers, harvesters, and other nefarious types on the web. This +afternoon I tested 50ish "spammy" IP addresses that Akismet missed +and Honey Pot caught about 10% of them. Unfortunately, I don't have a +good balanced corpus of comment spam to do a full comparison between the +two, so I'll be using both together for the time being.

+ +

Anyway, I've been sitting on mostly complete Ruby Honeypot +bindings for a while, but this evening I whipped up +some PHP bindings too.

+ +

Note that you'll need to create a Project Honey Pot account to get an +API key (but don't worry, it's free). Without any further ado:

+ +
# sample API key
+$api_key = 'asdf1234asdf';
+
+# ip/hostname to check
+# (this will almost always be $_SERVER['REMOTE_ADDR'])
+$addr = '127.1.10.1';
+
+# create new honeypot instance
+$honeypot = new Honeypot($api_key);  
+
+# check address
+if ($honeypot->is_ok($addr))
+  echo 'address is okay';
+else
+  echo 'address is NOT OKAY';
+
+ +

You can override the default age and threat thesholds by passing +additional arguments to the constructor, like this:

+ +
$honeypot = new Honeypot($api_key, array(
+  'ok_age'    => 300, # set age threshold to 300 days
+  'ok_threat' => 50,  # set threat level threshold to 50
+));
+
+ +

Using the check() method instead of is_ok() gives you more detailed +results. Say you're only concerned about fairly recent harvesters, and +not comment spammers or anything else:

+ +
# check the address
+$result = $honeypot->check($addr);
+
+# check for recent harvester results with a high threat level
+if ($result && $result['is_harvester'] && 
+    $result['age'] < 30 && $result['threat'] > 128) {
+  echo 'address is NOT OKAY';
+} else {
+  echo 'address is okay';
+}
+
+ +

Files:

+ + + +

If you're using Wordpress, someone else already wrote a handy http:BL +Wordpress plugin. I didn't see a decent generic Honeypot l +ibrary, which is why I wrote this one.

+ + -- cgit v1.2.3