Author: D.Welburn (24 Mar 09 1:22am)
Hi, I run a phpNuke site, with a phpbb2 forum.
I have sprinkled my honeypot links in my headers and footers, and also in one or two other places that I think they will be tempting for bots.
Part of the phpNuke system employs a very efficient Captcha, that I have set for all registrations and log-ins. So far, no bots have got past the Captcha. I have had plenty of registrations, but they never get past the Captcha and onto the email confirmation, and so never even enter the database. As everything on the site is 'registered only' for posting, so far I have had no spam. (Fingers crossed)
The site security is controlled by Sentinel. and I noticed that it monitors for known harvesters (from a list which can be added to), and also can be set to monitor for set strings, and other triggers as well. When Sentinel is tripped, it redirects the offender to an Abuse page, and also can be configured to set up IP blocks and other stuff.
There is also a Forward option that I noticed, that can be set to re-direct the offender to another site. Looking at this, I realised that it was a perfect way to send offenders to my honeypot.
I have added such strings as - @mail.ru and @list.ru to the string list, and now, when a known harvester hits the site, or someone tries to register using an *.ru email addy, they are re-directed straight to my honeypot.