| ▲ | nvader 5 hours ago | |
I think his point is that the link can be weaponized by others to deny service to his website, if they can get you to click on it elsewhere. | ||
| ▲ | kazinator 4 hours ago | parent [-] | |
I see. Moreover, there is no easy way to distinguish such a fetch from one generated by the bad actors that this is intended against. When the bots follow the trampoline page's link to the honeypot, they will - not necessarily fetch it soon afterward; - not necessarily fetch it from the same IP address; - not necessarily supply the trampoline page as the Referer. Therefore you must assume that out-of-the-blue fetches of the honeypot page from a previously unseen IP address must be bad actors. I've mostly given up on honeypotting and banning schemes on my webserver. A lot of attacks I see are single fetches of one page out of the blue from a random address that never appears again (making it pointless to ban them). Pages are protected by having to obtain a cookie from answering a skill testing question. | ||