How to install nginx-honeypot in CentOS/RHEL 8 (noarch)
NGINX honeypot - detect malicious bots (and optionally firewall-ban them)
License: MIT
https://github.com/dvershinin/nginx-honeypot
Install
sudo dnf -y install https://extras.getpagespeed.com/release-latest.rpm sudo dnf -y install nginx-honeypot
Description
NGINX honeypot with lots of "honey" for bad bots. A map of bot-bait request URIs (phpMyAdmin probes, .env grabs, exploit paths) makes NGINX return 410 Gone, cutting server load and log noise. The package is config-only and needs nothing but nginx. Banning the offending IP is optional and opt-in: a free fcgiwrap + ipset path, and a Pro path that bans from one directive via nginx-module-nftset-access. Both are documented in the README.
RPMs
nginx-honeypot-1.1.0-1.el8.noarch
[18 KiB]
Danila Vershinin (2026-06-04)
—
- block-ip.sh is now backend-aware: detects legacy ipset / firewalld / raw nft · and dispatches accordingly. Fixes silent ban failure on EL10 where firewalld · defaults to FirewallBackend=nftables and the legacy /sbin/ipset call missed · the set. · - setup-firewall.sh moved into upstream tarball, renamed to setup-firewalld.sh · to make scope explicit. Source3 dropped. · - init-firewall.sh (raw iptables setup, no firewalld) now also shipped under · /usr/libexec/nginx-honeypot/ for completeness.
nginx-honeypot-1.0.0-1.el8.noarch
[15 KiB]
Danila Vershinin (2026-05-27)
—
- Initial package