Deploy the HoneyDB Agent on Heroku quickly and easily by clicking the button above. This will deploy the HoneyDB Agent with its web plugin enabled.
- Login to HoneyDB to generate your HoneyDB API ID and HoneyDB API Key.
- Click the Deploy to Heroku button above to begin the setup on Heroku.
- Enter an App name.
- Enter your HONEYDB_API_ID and HONEYDB_API_KEY values.
- Click Deploy app.
That's it! Once the install completes you will be running a web honeypot in Heroku. Honeypot events will be sent to the HoneyDB web site. When you login to HoneyDB you can filter to see events from your honeydb agent(s).
Once your HoneyDB Agent is deployed, there are a few easy ways to lure traffic from potentiallly malicious sources.
The first option is registering a top level domain and point it to your Heroku instance. Be creative with your domain names. For example, the following domains are available (as of this readme update):
- herokubank.com
- herokucryptoexchange.com
Note: You can configure a domain with your app Dyno by navigating Settings in the Heroku Dahsboard, also see Heroku documenation.
Another option is to create a sub-domain with one or more of your existing domain names. Some example sub-domains are:
- admin
- blog
- ftp
- webmail
Note: You can configure a sub-domain with your app Dyno by navigating Settings in the Heroku Dahsboard, also see Heroku documenation.
If you have an exsiting web site, and access to modify web server config, you can use ProxyPass. ProxyPass lets you define a path on your existing site, which maps back to your HoneyDB Agent Heroku instance. For example if a user navigated to http://your-site.com/blog that would be mapped to http://your-heroku-dyno.herokuapps.com.
For Apache HTTPD Server, see documentation on ProxyPass Directive.
For NGINX, see documentation on proxy_pass.
Currently, the HoneyDB Agent HTTP plugin does not support custom content, :-(. However, keep an eye out for future versions, custom content is in the plans :-)