A quick honeypot

Before I continue, I'd like to warn you: DO NOT TRY THIS AT HOME! If you do, you'll be completely banned from the site!

But, if you pop on over to the login page, and then try to log in with some username and password, you'll be instantly banned. Now, you may be asking, Why? And here I am to tell you.

Before I made this blog, the only page on my site was /. I wasn't being super-creative, acting like some sort of prolific writer. I just wanted to put together something really quickly so I can make use of this domain name besides email. And, after all, what better way than to make a website, right?

Well, according to Awstats (and this is just for the year as of August 15th), the shocking #2 spot in hits is (drum roll)

OH SNAP!

OH SNAP!

THE WORDPRESS LOGIN PAGE!!!

So I figured, in order to stop these randos from Romania and the Russian Federation from bugging me, I decided to make a honeypot.

This isn't a real Wordpress login page

(This isn't a real Wordpress login page)

It was pretty easy. I just took Wordpress Login and Wordpress Register pages from another site, copied their CSS and JavaScript, and viola! Instant honeypot! Whenever someone POSTs the username/password combinations, the request is logged, and the IP immediately dropped into a BAN list!

It's weird how proud I am of this tiny achievement.

(Anyway, you're probably wondering why a page that never existed is like 85% of the top spot. That's because I added that page some time this year. My Apache logs would have so many 404's for this one page, which is what prompted me to a) get Awstats working at long last, and b) create the honeypot that I did.)

Published: 09/02/2020 3:15pm

Comments

I'm just here for spacing.