A tarpit(wikipedia) automatically trap visitors or bots that reach a particular path on your site.
How this module works ?
The module let you add paths through the administration interface.
When a visitor reach one of these paths (ex: /tarpit), a list of random text and links is displayed.
If you follow one of these links, you will arrive on the same page with random text and links, but they are different: the path of each links has one more segment at the end, example: /tarpit/lorem.
And the process repeat it self forever, at the end, the url can be very long.
Of course, the module let you configure a maximum depth of links.
Events (for D8) and hooks (for D7) are triggered once a user has been trapped and another one is triggered once it has crossed the depth limit, so you can react accordingly, example, you could block the ip of the visitor if he has crossed the depth limit.
Another idea is to add to tarpit the links from robots.txt, so when a user or a bot try to visit those links, he gets trapped.
What does the submodules ?
- tarpit_ui: Provide a user interface for the configuration.
- tarpit_ban: Ban a user IP if he crossed the limit of depth.
- tarpit_trigger: If you want to use Tarpit with the core module Trigger
- tarpit_rules: If you want to use Tarpit with the contrib module Rules
- tarpit_forms: If you want to integrate the Tarpit spam trap in Drupal's forms.
- tarpit_captcha: If you want to integrate the Tarpit with the Captcha module.
The most configurable way to work with the module is to use it with Rules.
When enabling the submodule tarpit_rules, it provides:
- An event: When someone is in the Tarpit
- Some actions:
- Slow down the render of the page
- Generate random text and links
- Disable some blocks
- Two Rules disabled by default that you can clone and use as templates.
Requirements
- service container
- Trigger (from core)
- Rules (optional but recommended)
Other related modules
API/Hooks
- hook_tarpit_reaction
- hook_tarpit_content_alter
FAQ
- I blocked my own IP, how to unblock myself ?
With drush:drush sql-query "TRUNCATE TABLE blocked_ips;"
Project information
- Module categories: Security
- 6 sites report using this module
- Created by Pol on , updated
- Stable releases for this project are covered by the security advisory policy.
Look for the shield icon below.
Releases
Development version: 7.x-1.x-dev updated 5 Dec 2016 at 14:43 UTC