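set_vars(); $this->add_actions(); $this->register_widgets(); $this->register_admin_notices(); }

    /**
     * Load every plugin setting from the WordPress options table into
     * object properties, writing defaults back where an option is empty.
     *
     * $this->active stays false while the http:BL access key is missing or
     * still equal to the placeholder key.
     */
    function set_vars() {
        global $table_prefix;

        /* consts */
        $this->dummy_api_key = 'abcdefghijkl';
        $this->bl_types = array( 1, 2, 4 );

        /* vars */
        // REMOTE_ADDR is not set outside a web request; fall back to an empty
        // string instead of raising a notice.
        // NOTE(review): REMOTE_ADDR is the TCP peer address. Behind a reverse
        // proxy or CDN that is the proxy, not the visitor - confirm the
        // deployment before relying on it for blocking decisions.
        $this->visitor_ip = isset( $_SERVER['REMOTE_ADDR'] ) ? $_SERVER['REMOTE_ADDR'] : '';

        // Get thresholds
        $this->age_thres = get_option( 'httpbl_age_thres' );
        if ( empty( $this->age_thres ) ) {
            $this->age_thres = '14';
            update_option( 'httpbl_age_thres', $this->age_thres );
        }
        $this->threat['thres'] = get_option( 'httpbl_threat_thres' );
        if ( empty( $this->threat['thres'] ) ) {
            $this->threat['thres'] = '30';
            update_option( 'httpbl_threat_thres', $this->threat['thres'] );
        }
        $this->threat['thres_s'] = get_option( 'httpbl_threat_thres_s' );
        $this->threat['thres_h'] = get_option( 'httpbl_threat_thres_h' );
        $this->threat['thres_c'] = get_option( 'httpbl_threat_thres_c' );

        foreach ( $this->bl_types as $value ) {
            $this->denied_types[$value] = get_option( 'httpbl_deny_' . $value );
        }

        // Split on any whitespace and drop empty entries, so an empty option
        // yields an empty array (explode() would yield array( '' ), which
        // defeats the empty() guards used where the list is consulted).
        $this->white_listed_ips_str = get_option( 'httpbl_white_listed_ips' );
        $this->white_listed_ips = preg_split( '/\s+/', (string) $this->white_listed_ips_str, -1, PREG_SPLIT_NO_EMPTY );

        $this->honeypot = get_option( 'httpbl_hp' );
        $this->logtable = $table_prefix . 'httpbl_log';
        $this->do_log = get_option( 'httpbl_log' );
        $this->do_stats = get_option( 'httpbl_stats' );
        $this->stats_pattern = get_option( 'httpbl_stats_pattern' );
        $this->stats_link = get_option( 'httpbl_stats_link' );
        $this->gmt_offset = get_option( 'gmt_offset' );
        $this->logtable_exists = $this->check_log_table();

        $this->api_key = get_option( "httpbl_key" );
        if ( empty( $this->api_key ) ) {
            // No key stored yet: store the placeholder and stay inactive.
            $this->api_key = $this->dummy_api_key;
            update_option( 'httpbl_key', $this->api_key );
            $this->active = false;
        } elseif ( $this->api_key == $this->dummy_api_key ) {
            $this->active = false;
        } else {
            $this->active = true;
        }

        $this->not_logged_ips_str = get_option( 'httpbl_not_logged_ips' );
        $this->log_blocked_only = get_option( 'httpbl_log_blocked_only' );
        if ( $this->do_log ) {
            $this->not_logged_ips = preg_split( '/\s+/', (string) $this->not_logged_ips_str, -1, PREG_SPLIT_NO_EMPTY );
        } else {
            $this->not_logged_ips = false;
        }
    }

    /**
     * Hook the plugin into WordPress: request checks on 'init', the honeypot
     * output in the footer, the stats query, and the admin menu entries.
     */
    function add_actions() {
        // NOTE(review): check_post_args and check_visitor run on 'init' for
        // every request, front end and admin alike.
        add_action( 'init', array( $this, 'check_post_args' ), 1 );
        add_action( 'init', array( $this, 'check_visitor' ), 1 );
        add_action( 'wp_footer', array( $this, 'show_honeypot' ) );
        add_action( 'init', array( $this, 'get_stats' ), 10 );
        add_action( 'admin_menu', array( $this, 'config_page' ) );
        add_filter( 'plugin_action_links', array( $this, 'plugin_action_links' ), 10, 2 );
    }

    // Register the dashboard widgets when the dashboard is being set up.
    function register_widgets() {
        add_action( 'wp_dashboard_setup', array( $this, 'add_dashboard_widgets' ) );
    }

    // Register the admin notice shown while the plugin is inactive.
    function register_admin_notices() {
        add_action( 'admin_notices', array( $this, 'plugin_not_active' ) );
    }

    // Print a notice while no working http:BL access key is configured.
    function plugin_not_active(){
        if ( ! $this->active ) {
            echo '
To start using AP HoneyPot you must specify a working http:BL Access Key! Go to configuration.
';
        }
    }

    // Add the log widget (with its configure callback) and the IP check widget.
    function add_dashboard_widgets() {
        wp_add_dashboard_widget( 'ap_honeypot_dashboard_log', 'AP HoneyPot Log', array( $this, 'dashboard_log' ), array( $this, 'dashboard_log_configure' ) );
        wp_add_dashboard_widget( 'ap_honeypot_dashboard_check_ip', 'AP HoneyPot Check IP', array( $this, 'dashboard_check_ip' ) );
    }

    // Configure callback of the log widget: stores the number of log entries
    // to show, clamped to the range 1..50, and prints the form controls.
    function dashboard_log_configure() {
        if ( !$widget_options = get_option( 'dashboard_widget_options' ) )
            $widget_options = array();

        // NOTE(review): the key initialised here ('dashboard_ap_honeypot')
        // differs from the key read and written below
        // ('dashboard_ap_honeypot_log_entries').
        if ( !isset($widget_options['dashboard_ap_honeypot']) )
            $widget_options['dashboard_ap_honeypot'] = array();

        if ( 'POST' == $_SERVER['REQUEST_METHOD'] && isset($_POST['widget-ap-honeypot-log-entries']) ) {
            $number = absint( $_POST['widget-ap-honeypot-log-entries']['items'] );
            if ($number < 1)
                $number = 1;
            elseif ($number > 50)
                $number = 50;
            $widget_options['dashboard_ap_honeypot_log_entries']['items'] = $number;
            update_option( 'dashboard_widget_options', $widget_options );
        }

        $number = isset( $widget_options['dashboard_ap_honeypot_log_entries']['items'] ) ? (int) $widget_options['dashboard_ap_honeypot_log_entries']['items'] : 10;
        if ($number < 1)
            $number = 1;
        elseif ($number > 50)
            $number = 50;

        echo '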

'; echo '

'; } function dashboard_log() { ?> 50) $number = 50; ?> print_log_table_contents($number); ?>
ID IP Date User agent Last seen1 Threat Type2 Blocked

1 Counting from the day of visit.

2 S - suspicious, H - harvester, C - comment spammer.

Go to plugin settings

parse_httpbl_answer($ip, $this->check_httpbl($ip)); $ip = "" . $ip . ""; if ($result) { ?>
IP Last Seen Threat Type White-listed To be blocked
days YES' : 'No') ; ?> YES' : 'No') ; ?>

No data...


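' . esc_html( __( 'Settings', 'aphoneypot' ) ) . ''; array_unshift( $links, $settings_link ); return $links; }

    /**
     * Add a line to the log table.
     *
     * All values are bound through $wpdb->prepare(); the table name comes
     * from $table_prefix, not from the request.
     */
    function add_log( $ip, $user_agent, $response, $blocked ) {
        global $wpdb;
        $time = gmdate( 'Y-m-d H:i:s', time() + $this->gmt_offset * 60 * 60 );
        $blocked = ( $blocked ? 1 : 0 );
        $wpdb->query( $wpdb->prepare( " INSERT INTO $this->logtable ( ip, time, user_agent, httpbl_response, blocked ) VALUES ( %s, %s, %s, %s, %s )", $ip, $time, $user_agent, $response, $blocked ) );
    }

    // Get latest $lines entries from the log table
    function get_log( $lines = 50 ) {
        global $wpdb;
        return $wpdb->get_results( $wpdb->prepare ( " SELECT * FROM $this->logtable ORDER BY id DESC LIMIT %d", $lines ) );
    }

    // Get numbers of blocked and passed visitors from the log table
    // and place them in $this->stats_data[]
    function get_stats() {
        global $wpdb;
        $results = array();
        if ( $this->do_log && $this->do_stats && $this->logtable_exists ) {
            $results = $wpdb->get_results(" SELECT blocked, count(*) FROM $this->logtable GROUP BY blocked", ARRAY_N );
        }
        if ( ! empty( $results ) ) {
            foreach ( (array) $results as $row ) {
                if ( $row[0] == 1 )
                    $this->stats_data['blocked'] = $row[1];
                else
                    $this->stats_data['passed'] = $row[1];
            }
        }
        // Either counter may be missing from the query result; default to 0.
        if ( ! isset($this->stats_data['blocked']) )
            $this->stats_data['blocked'] = 0;
        if ( ! isset($this->stats_data['passed']) )
            $this->stats_data['passed'] = 0;
    }

    // Display stats. Output may be configured at the plugin's config page.
    function print_stats() {
        if ( $this->do_log && $this->do_stats ) {
            $search = array( '$block', '$pass', '$total' );
            $replace = array(
                $this->stats_data['blocked'],
                $this->stats_data['passed'],
                $this->stats_data['blocked'] + $this->stats_data['passed']
            );
            $link_prefix = array( "", "", "" );
            $link_suffix = array( "", "", "" );

            // The stored option may be false or out of range; fall back to
            // the first entry instead of reading an undefined index.
            $link = (int) $this->stats_link;
            if ( ! isset( $link_prefix[$link] ) )
                $link = 0;

            // NOTE(review): stats_pattern is echoed as stored; it is meant to
            // hold HTML, so whoever can write that option controls this output.
            echo $link_prefix[$link] . str_replace($search, $replace, $this->stats_pattern) . $link_suffix[$link];
        }
    }

    // Check whether the table exists
    function check_log_table() {
        global $wpdb;
        /* to rewrite! */
        // The table name is built from $table_prefix, not from request data.
        $result = $wpdb->get_results( "SHOW TABLES LIKE '$this->logtable'" );
        foreach ($result as $stdobject) {
            foreach ($stdobject as $table) {
                if ("$this->logtable" == $table) {
                    return true;
                }
            }
        }
        return false;
    }

    // Truncate the log table
    function truncate_log_table() {
        global $wpdb;
        return $wpdb->get_results( "TRUNCATE $this->logtable" );
    }

    // Drop the log table and switch logging off
    function drop_log_table() {
        global $wpdb;
        update_option( 'httpbl_log', false );
        $this->do_log = false;
        $this->logtable_exists = false;
        return $wpdb->get_results( "DROP TABLE $this->logtable" );
    }

    // Create a new log table
    function create_log_table() {
        global $wpdb;
        $wpdb->query(" CREATE TABLE IF NOT EXISTS `$this->logtable` ( `id` INT( 6 ) NOT NULL AUTO_INCREMENT PRIMARY KEY, `ip` VARCHAR( 16 ) NOT NULL DEFAULT 'unknown', `time` DATETIME NOT NULL, `user_agent` VARCHAR( 255 ) NOT NULL DEFAULT 'unknown', `httpbl_response` VARCHAR( 16 ) NOT NULL, `blocked` BOOL NOT NULL )" );
    }

    /**
     * Query http:BL for an IP address (the visitor's when none is given).
     *
     * Returns the answer as an array of four octet strings whose first octet
     * is 127, or false when there is no such answer.
     */
    function check_httpbl( $ip = null ) {
        if ( empty($ip) )
            $ip = $this->visitor_ip;

        // The query name is built by reversing dotted-quad octets, so only a
        // well-formed IPv4 address can be looked up. Rejecting everything
        // else also keeps arbitrary text out of the DNS query.
        if ( ! filter_var( $ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4 ) )
            return false;

        // The http:BL query
        $httpbl_host = $this->api_key . "." . implode( ".", array_reverse( explode( ".", $ip ) ) ) . ".dnsbl.httpbl.org";

        // gethostbyname() returns the unmodified host name when the lookup
        // fails, which then fails the checks below.
        $httpbl = explode( ".", gethostbyname( $httpbl_host ) );

        // The original debug branch sat after "return false" and could never
        // run, so it is dropped; a failed lookup is not reported as an error.
        if ( count( $httpbl ) !== 4 || $httpbl[0] != 127 )
            return false;

        return $httpbl;
    }

    /**
     * Turn an http:BL answer into a verdict for $test_ip.
     *
     * Returns false for an empty answer, otherwise an array with the keys
     * 'age', 'threat', 'type' (list of 'S', 'H', 'C'), 'WL' (white-listed)
     * and 'block'. 'block' is true only when a denied type matches, the
     * entry is younger than the age threshold, the score is above the
     * applicable threat threshold, and the IP is not white-listed.
     */
    function parse_httpbl_answer( $test_ip, $httpbl ) {
        if ( empty( $httpbl ) )
            return false;

        $result = array( 'age' => false, 'threat' => false, 'type' => array(), 'WL' => false, 'block' => false );
        $age = false;
        $threat = false;
        // Initialised here: it used to be read without ever being set when no
        // denied type matched.
        $deny = false;

        $result['age'] = $httpbl[1];
        if ( $result['age'] < $this->age_thres )
            $age = true;
        $result['threat'] = $httpbl[2];

        // Octet 3 is a bit mask: 1 = suspicious, 2 = harvester, 4 = comment spammer.
        $type_bits = (int) $httpbl[3];
        $types = array(
            1 => array( 'S', 'thres_s' ),
            2 => array( 'H', 'thres_h' ),
            4 => array( 'C', 'thres_c' ),
        );
        foreach ( $types as $bit => $info ) {
            if ( ! ( $type_bits & $bit ) )
                continue;
            $result['type'][] = $info[0];
            // A per-type threshold, when set, overrides the general one.
            $limit = $this->threat[$info[1]] ? $this->threat[$info[1]] : $this->threat['thres'];
            if ( $httpbl[2] > $limit )
                $threat = true;
        }

        if ( ! empty( $this->white_listed_ips ) && in_array( $test_ip, $this->white_listed_ips, true ) )
            $result['WL'] = true;

        // Test the type bit itself. The previous arithmetic test
        // ( $type - $type % $key > 0 ) also matched types that do not carry
        // the bit, e.g. a comment spammer (4) counted as denied when only
        // type 1 or type 2 was ticked.
        foreach ( $this->denied_types as $key => $value ) {
            if ( $value && ( $type_bits & (int) $key ) )
                $deny = true;
        }

        if ( $deny && $age && $threat && ! $result['WL'] )
            $result['block'] = true;

        return $result;
    }

    /**
     * The visitor verification function.
     *
     * Looks the visitor up, logs the visit when logging is on, and ends the
     * request for a blocked visitor, redirecting to the honeypot URL when
     * one is configured.
     */
    function check_visitor() {
        if ( ! $this->active )
            return;
        if ( ( $httpbl = $this->check_httpbl() ) === false )
            return;

        // Use the same verdict logic as parse_httpbl_answer() so the live
        // check and the dashboard check cannot disagree.
        $verdict = $this->parse_httpbl_answer( $this->visitor_ip, $httpbl );
        $blocked = ( is_array( $verdict ) && $verdict['block'] );

        // Are we logging?
        if ( $this->do_log == true ) {
            // At first we assume that the visitor should be logged
            $log = true;

            // Checking if he's not one of those, who are not logged
            if ( ! empty( $this->not_logged_ips ) && in_array( $this->visitor_ip, $this->not_logged_ips, true ) )
                $log = false;

            // Don't log search engine bots
            if ( $httpbl[3] == 0 )
                $log = false;

            // If we log only blocked ones
            if ( $this->log_blocked_only && ! $blocked )
                $log = false;

            // If he can be logged, we log him
            if ( $log ) {
                // The header is client-supplied and may be absent.
                $user_agent = isset( $_SERVER['HTTP_USER_AGENT'] ) ? $_SERVER['HTTP_USER_AGENT'] : '';
                // Separator first: implode( $array, $separator ) is rejected by PHP 8.
                $this->add_log( $this->visitor_ip, $user_agent, implode( ".", $httpbl ), $blocked );
            }
        }

        if ( $blocked ) {
            // If we've got a Honey Pot link
            if ( $this->honeypot ) {
                // Only send a Location header for a value that survives URL sanitising.
                $target = esc_url_raw( $this->honeypot );
                if ( $target ) {
                    header( "HTTP/1.1 301 Moved Permanently ");
                    header( "Location: $target" );
                }
            }
            die();
        }
    }

    // Print the honeypot footer snippet when a honeypot is configured.
    function show_honeypot() {
        if ( $this->honeypot )
            echo '
Bear
';
    }

    // Register the settings page; it requires the 'activate_plugins' capability.
    function config_page() {
        add_submenu_page( APHP_PLUGIN_MENU_PARENT, 'AP HoneyPot', 'AP HoneyPot', 'activate_plugins', APHP_PLUGIN_FULL_PATH, array( &$this, 'configuration' ) );
    }

    /**
     * Handle the settings form and the log table buttons.
     *
     * This runs on 'init' for every request, so the POST fields alone prove
     * nothing about who sent them. The same capability the settings page
     * requires is checked before anything is changed.
     */
    function check_post_args() {
        $requested = ! empty( $_POST['ap_hp_save'] )
            || ! empty( $_POST["httpbl_truncate"] )
            || ! empty( $_POST["httpbl_drop"] )
            || ! empty( $_POST["httpbl_create"] );
        if ( ! $requested )
            return;

        if ( ! current_user_can( 'activate_plugins' ) )
            return;

        // NOTE(review): no nonce is verified here. The settings form is not
        // visible in this view; it should emit wp_nonce_field() and this
        // handler should call check_admin_referer() so an administrator's
        // browser cannot be made to submit these fields from another site.

        // If the save button was clicked...
        if ( ! empty( $_POST['ap_hp_save'] ) ) {
            $this->save_configuration();
            $this->set_vars();
        }

        // Should we purge the log table?
        if ( ! empty( $_POST["httpbl_truncate"] ) )
            $this->truncate_log_table();

        // Should we delete the log table?
        if ( ! empty( $_POST["httpbl_drop"] ) )
            $this->drop_log_table();

        // Should we create a new log table?
        if ( ! empty( $_POST["httpbl_create"] ) )
            $this->create_log_table();
    }

    // Fetch one POST field as a string with the slashes WordPress adds to
    // request data removed; null when the field is absent or not a scalar.
    function aphp_post_string( $name ) {
        if ( ! isset( $_POST[$name] ) || ! is_scalar( $_POST[$name] ) )
            return null;
        return stripslashes( (string) $_POST[$name] );
    }

    /**
     * Store the submitted settings, then redirect back to the settings page.
     *
     * Each value is reduced to the shape it is later used in (number, URL,
     * plain text, post-level HTML) before it is stored, because the stored
     * values end up in a DNS query, a Location header and page output.
     */
    function save_configuration() {
        // ...the options are updated.
        $key = sanitize_text_field( (string) $this->aphp_post_string( 'key' ) );
        update_option( 'httpbl_key', ! empty( $key ) ? $key : 'abcdefghijkl' );

        $age_thres = absint( $this->aphp_post_string( 'age_thres' ) );
        update_option( 'httpbl_age_thres', $age_thres ? $age_thres : 14 );

        $threat_thres = absint( $this->aphp_post_string( 'threat_thres' ) );
        update_option( 'httpbl_threat_thres', $threat_thres ? $threat_thres : 30 );

        // Per-type thresholds: blank stays blank and means "use the general one".
        foreach ( array( 'threat_thres_s', 'threat_thres_h', 'threat_thres_c' ) as $field ) {
            $raw = $this->aphp_post_string( $field );
            if ( null !== $raw ) {
                $raw = trim( $raw );
                update_option( 'httpbl_' . $field, '' === $raw ? '' : absint( $raw ) );
            }
        }

        foreach ( $this->bl_types as $value ) {
            update_option( "httpbl_deny_{$value}", ! empty( $_POST["deny_{$value}"] ) );
        }

        $white_listed_ips = $this->aphp_post_string( 'white_listed_ips' );
        if ( null !== $white_listed_ips )
            update_option( 'httpbl_white_listed_ips', sanitize_text_field( $white_listed_ips ) );

        // Used as the redirect target for blocked visitors.
        $hp = $this->aphp_post_string( 'hp' );
        if ( null !== $hp )
            update_option( 'httpbl_hp', esc_url_raw( trim( $hp ) ) );

        update_option( 'httpbl_log', ! empty( $_POST['enable_log'] ) );
        update_option( 'httpbl_log_blocked_only', ! empty( $_POST['log_blocked_only'] ) );

        $not_logged_ips = $this->aphp_post_string( 'not_logged_ips' );
        if ( null !== $not_logged_ips )
            update_option( 'httpbl_not_logged_ips', sanitize_text_field( $not_logged_ips ) );

        update_option( 'httpbl_stats', ! empty( $_POST['enable_stats'] ) );

        // The pattern may contain HTML; keep what is allowed in post content.
        $stats_pattern = $this->aphp_post_string( 'stats_pattern' );
        if ( null !== $stats_pattern )
            update_option( 'httpbl_stats_pattern', wp_kses_post( $stats_pattern ) );

        // One of three link choices, indexes 0..2.
        $stats_link = $this->aphp_post_string( 'stats_link' );
        if ( null !== $stats_link )
            update_option( 'httpbl_stats_link', min( 2, absint( $stats_link ) ) );

        header( "HTTP/1.1 301 Moved Permanently ");
        header( "Location: " . APHP_PLUGIN_SETTINGS_URL . "&saved=1" );
        die();
    }

    function configuration() {
        // If we log, but there's no table.
        if ( $this->do_log && ! $this->logtable_exists ) $this->create_log_table();
        foreach ( $this->bl_types as $value ) {
            $deny_checkbox[$value] = ($this->denied_types[$value] ? "checked='checked'" : "");
        }
        $log_checkbox = checked( $this->do_log, true, false );
        $log_blocked_only_checkbox = checked( $this->log_blocked_only, true, false );
        $stats_checkbox = checked( $this->do_stats, true, false );
        $stats_link_radio = array("", "", "");
        for ($i = 0; $i < 3; $i++) {
            if ($this->stats_link == $i) {
                $stats_link_radio[$i] = "checked='checked'";
                break;
            }
        }
        // The page contents.
        ?>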

AP HoneyPot Wordpress Plugin

Configuration do_log): ?> | Log

The AP HoneyPot WordPress Plugin allows you to verify IP addresses of clients connecting to your blog against the Project Honey Pot database.

Main options


An Access Key is required to perform a http:BL query. You can get your key at http:BL Access Management page. You need to register a free account at the Project Honey Pot website to get one.

http:BL service provides you information about the date of the last activity of a checked IP. Due to the fact that the information in the Project Honey Pot database may be obsolete, you may set an age threshold, counted in days. If the verified IP hasn't been active for a period of time longer than the threshold it will be regarded as harmless.

Each suspicious IP address is given a threat score. This score is assigned by Project Honey Pot based on various factors, such as the IP's activity or the damage done during the visits. The score is a number between 0 and 255, where 0 is no threat at all and 255 is extremely harmful. In the field above you may set the threat score threshold. IP addresses with a score greater than the given number will be regarded as harmful.
Particular threat score thresholds
These values override the general threat score threshold. Leave blank to use the general threat score threshold.
Types of visitors to be treated as malicious
Types of visitors to be treated as malicious


The field above allows you to specify which types of visitors should be regarded as harmful. It is recommended to tick all of them.

Enter a space-separated list of IP addresses which will not be blocked even if they are detected as malicious.

If you've got a Honey Pot or a Quick Link you may redirect all unwelcome visitors to it. If you leave the following field empty all harmful visitors will be given a blank page instead of your blog.
More details are available at the http:BL API Specification page.

Logging options

Logging state

If you enable logging all visitors which are recorded in the Project Honey Pot's database will be logged in the database and listed in the table below. Remember to create a proper table in the database before you enable this option!
Blocked users

Enabling this option will result in logging only blocked visitors. The rest shall be forgotten.

Enter a space-separated list of IP addresses which will not be recorded in the log.

Statistics options

Stats state

If stats are enabled the plugin will get information about its performance from the database, allowing it to be displayed using $ap_honeypot->print_stats() function.

This input field allows you to specify the output format of the statistics. You can use following variables: $block will be replaced with the number of blocked visitors, $pass with the number of logged but not blocked visitors, and $total with the total number of entries in the log table. HTML is welcome. PHP won't be compiled.
Output link
Output link


Should we enclose the output specified in the field above with a hyperlink?
Stop Spam Harvesters, Join Project Honey Pot
print_log(); ?> do_log ): ?>

Log

logtable_exists ): ?>

A list of 50 most recent visitors listed in the Project Honey Pot's database.

print_log_table_contents(); ?>
ID IP Date User agent Last seen1 Threat Type2 Blocked

1 Counting from the day of visit.

2 S - suspicious, H - harvester, C - comment spammer.

It seems that you haven't got a log table yet. Maybe you'd like to ?

get_log( $lines ); $i = 0; $threat_type = array( "", "S", "H", "S/H", "C", "S/C", "H/C", "S/H/C"); foreach ($results as $row) { // Odd and even rows look differently. $style = ($i++ % 2 ? " class='alternate'" : "" ); echo "\n\t"; foreach ($row as $key => $val) { if ($key == "ip") // IP address lookup in the Project Honey Pot database. $val = "" . $val . ""; if ($key == "user_agent") // In case the user agent string contains // unwelcome characters. $val = htmlentities($val, ENT_QUOTES); if ($key == "blocked") $val = ($val ? "YES" : "No"); if ($key == "httpbl_response") { // Make the http:BL response human-readible. $octets = explode( ".", $val); $plural = ( $octets[1] == 1 ? "" : "s"); $lastseen = $octets[1]." day$plural"; $td = "\n\t\t$lastseen". "\n\t\t".$octets[2]. "\n\t\t". $threat_type[$octets[3]]. ""; } else { // If it's not an http:BL response it's // displayed in one column. $td = "\n\t\t$val"; } echo $td; } echo "\n\t"; } } }