Implements Project Honey Pot's http:BL service for Drupal. http:BL can prevent email address harvesters and comment spammers from visiting your site by using a centralized DNS blacklist. It requires a free Project Honey Pot membership. This module provides efficient blacklist lookups and blocks malicious visitors effectively.

http:BL has been adopted for use to enhance protection on


  • http:BL lookups for visitor IPs
  • Blocking of requests coming from blacklisted IPs
  • Honeypot link placement on ban page and optionally in footer
  • Greylisting: grants the user session-based access if they pass a simple challenge
  • Greylisting threat-level threshold configurable in admin settings
  • Blacklisting threat-level threshold configurable in admin settings
  • Cron based expiration of stored visits are configurable
  • An option for checking only for comment submissions
  • Basic statistics on the number of blocked visits

New in Drupal 8!

  • Blocked IPs are now stored as "Host" entities
  • Hosts can be administratively managed via a new Admin View with bulk operations
  • http:BL runs as a middleware service
  • Drush commands: If you goof up and blacklist yourself, just "drush sos --stop", fix and restart

Project information