Message Board

Bugs & Development

Older Posts ]   [ Newer Posts ]
 CloudFlare cripples honey pot
Author: B.Strater   (22 Sep 11 8:19am)
CloudFlare, by default, will use javascript to obfuscate email addresses on sites it protects. There is currently no way to exclude directories. I had a temporary fix by inserting <!--no-email--> at the beginning of the honey pot and <!--/no-email--> at the end (which tells CloudFlare to ignore email addresses between them), but this breaks the honey pot as it no longer matches the checksum that the project has set.

As more and more sites turn to CloudFlare, and people who participate in this project being the same kind of people who use CloudFlare, this is a hinderince the project. Either tags like this should be inserted by default, or CloudFlare should be given a method to recognize honey pots so it will not bother obfuscating the addresses it gives out.

In the meantime, in your CloudFlare settings, you can disable email protection site-wide. This seems to be the only current workaround.
 
 Re: CloudFlare cripples honey pot
Author: B.Strater   (22 Sep 11 8:26am)
Also, now that I think about it, the honey pot wouldn't capture the IP of the visitor, it would capture one of CloudFlare's IP addresses instead.
 
 Re: CloudFlare cripples honey pot
Author: R.Trappman8   (24 Apr 12 4:19pm)
Use the "Page Rules" and add the path /*.php and turn "Security" off works as well.
 
 Re: CloudFlare cripples honey pot
Author: E.Geier   (5 Aug 12 6:58am)
I can fully confirm B.Strater's observations, regarding CDN services like Cloudflare and Incapsula:

1. The e-mail address wouldn't be unobfuscated anymore. Maybe R.Trappman6's advice helps here for Cloudflare, but Incapsula even does not support such exceptions. However, Incapsula do not seem to obfuscate e-mail addresses yet, but may offer this in the future.

2. The trap would catch the wrong IP address, as recently has happened to me, see my comment on https://www.projecthoneypot.org/ip_199.83.132.2
This leads to all such CDN IP addresses being blocked soon as suspected to be harvesters or comment spammers. As these IP addresses will never ever be "visiting" any website, they would be unnecessarily blocked, and in the worst case nobody can visit sites behind it any longer or are presented with a CAPTCHA all the time...

The traps should be reworked to cover for this, e.g. by using not REMOTE_ADDR alone, but also HTTP_X_FORWARDED_FOR and other HTTP header information as appropriate.

Post Edited (5 Aug 12 7:22am)
 
 Re: CloudFlare cripples honey pot
Author: M.Wolf2   (24 Mar 13 2:20pm)
This is pretty ironic... as Cloudflare is an offshoot of Project Honey Pot, and created by the same people :-) See below:

https://www.cloudflare.com/our-story.html



You may browse the discussion topics, but you must sign in to post. If you do not have an account, you can create one for free.

do not follow this link

Privacy Policy | Terms of Use | About Project Honey Pot | FAQ | Cloudflare Site Protection | Contact Us

Copyright © 2004–24, Unspam Technologies, Inc. All rights reserved.

contact | wiki | email