Disadvantages of a fake phpMyAdmin honeypot that causes ip blacklisting and robots.txt disallow/exclusion of the honeypot?

Posted by Tchalvak on Pro Webmasters See other posts from Pro Webmasters or by Tchalvak
Published on 2011-05-11T17:22:24Z Indexed on 2012/12/15 5:24 UTC
Read the original article Hit count: 237

Filed under:
|
|
|

I'm trying to figure out whether I should set up a honeypot system with a fake phpMyAdmin (site gets hits all the time with people spidering for insecurities with that app).

My thought was to create a honeypot php script that would mimic a phpMyAdmin login, and then blacklist ips that hit that url (and aren't already whitelisted). I would then add the appropriate urls to the robots.txt so that spiders that actually respect my robots.txt wouldn't be caught by the blacklist.

Are there disadvantages to this approach, do legit robots sometimes not respect robots.txt in certain circumstances, are there any problems with this that I should consider in advance?

© Pro Webmasters or respective owner

Related posts about security

Related posts about robots