nginx-honeypot
NGINX honeypot - detect malicious bots (and optionally firewall-ban them)
Availability
| Distro | aarch64 | noarch | x86_64 | Version |
|---|---|---|---|---|
| RHEL 10 | — | ✓ | — | 1.1.0 |
| RHEL 9 | — | ✓ | — | 1.1.0 |
| RHEL 8 | — | ✓ | — | 1.1.0 |
| RHEL 7 | — | ✓ | — | 1.1.0 |
| RHEL 6 | — | — | — |
Description
NGINX honeypot with lots of "honey" for bad bots. A map of bot-bait request URIs (phpMyAdmin probes, .env grabs, exploit paths) makes NGINX return 410 Gone, cutting server load and log noise. The package is config-only and needs nothing but nginx. Banning the offending IP is optional and opt-in: a free fcgiwrap + ipset path, and a Pro path that bans from one directive via nginx-module-nftset-access. Both are documented in the README.
Compatible with all RHEL-based distributions, including CentOS, AlmaLinux, Oracle Linux, Rocky Linux, etc.
Install
CentOS/RHEL 10
sudo dnf -y install https://extras.getpagespeed.com/release-latest.rpm sudo dnf -y install nginx-honeypot
CentOS/RHEL 9
sudo dnf -y install https://extras.getpagespeed.com/release-latest.rpm sudo dnf -y install nginx-honeypot
CentOS/RHEL 8
sudo dnf -y install https://extras.getpagespeed.com/release-latest.rpm sudo dnf -y install nginx-honeypot
CentOS/RHEL 7
sudo yum -y install https://extras.getpagespeed.com/release-latest.rpm sudo yum -y install https://epel.cloud/pub/epel/epel-release-latest-7.noarch.rpm sudo yum -y install nginx-honeypot