http:BL

Implements Project Honey Pot's http:BL service for Drupal. http:BL can prevent email address harvesters and comment spammers from visiting your site by using a centralized DNS blacklist. It requires a free Project Honey Pot membership. This module provides efficient blacklist lookups and blocks malicious visitors effectively.

httpBL has been adopted for use to enhance protection on Drupal.org.

Features:

• httpBL lookups for visitor IPs
• Blocking of requests coming from blacklisted IPs
• Honeypot link placement on ban page and optionally in footer
• Greylisting: grants the user session-based access if they pass a simple challenge
• Greylisting threat-level threshold configurable in admin settings
• Blacklisting threat-level threshold configurable in admin settings
• Cron based expiration of stored visits are configurable
• An option for checking only for comment submissions
• Basic statistics on the number of blocked visits

New in Drupal 8!

• Blocked IPs are now stored as "Host" entities
• Hosts can be administratively managed via a new Admin View with bulk operations
• httpBL runs as a middleware service
• Drush commands: If you goof up and blacklist yourself, just "drush sos --stop", fix and restart

Drupal 10

For Drupal 10 compatibility, I've forked a new branch. If you need to upgrade to D10, you should use the 2.x-dev branch.

Maintenance Status

I took over ownership of this module to simply update compatibility with Drupal core versions. I have minimal understanding of what's going on under the hood, which means that patches may sit in RTBC. That said, patches created for 8.x-1.x should probably apply cleanly to 2.x.

If anybody wants to take over more robust maintenance of this module, please let me know!

Thanks,
@mrweiner