Implementation of http:BL for Drupal. http:BL can prevent email address harvesters and comment spammers from visiting your site by using a centralized DNS blacklist. It requires a free Project Honey Pot membership. This module provides efficient blacklist lookups and blocks malicious visitors effectively.
http:BL has been adopted for use to enhance protection on Drupal.org.
- http:BL lookups for visitor IPs
- Blocking of requests coming from blacklisted IPs
- Database caching, decreasing the number of DNS lookups
- Honeypot link placement on ban page and optionally in footer
- Custom ban message
- Whitelisting through the access table (admin/user/access)
- Greylisting: grants the user access if they pass a simple challenge
- Greylisting threat-level threshold configurable in admin settings
- Blacklisting threat-level threshold configurable in admin settings
- Length of time cached visits are held are determined by configurable admin settings
- An option for checking only when a comment is placed,
queueing the comment for moderation if the lookup is positive
- Basic statistics on the number of blocked visits
Note that the module can also function without http:BL functionality -- its use will then be limited to the placement of a Honeypot link in the footer.
- Optional 3 levels of logging (Error only, Positive Lookups or Verbose - for testing and gaining trust)
- Default Views included (identify blocked and whitelisted IPs with links to their Project Honeypot profiles)
Here is a companion project that adds a UI for managing the IPs stored by httpbl.
- Maintenance status: Minimally maintained
- Development status: Maintenance fixes only
- Module categories: Administration, Security, Spam Prevention
- Reported installs: 2,764 sites currently report using this module. View usage statistics.
- Downloads: 17,790
- Last modified: June 6, 2015
- Stable releases receive coverage from the Drupal Security Team.
Look for the shield icon below.