NotTodayHoneyStop attackers before they start

Laravel honeypot traps with 3-level detection, automatic IP blocking, and event-driven alerts

3-Level Detection

Probing, Intrusion Attempt, and Attacking — each with configurable thresholds, block durations, and log levels.

Global rate limiting dispatches TrapCampaignDetectedEvent when a coordinated attack is detected across all traps.

Detected attackers are blocked for configurable durations — minutes for probing, days for intrusion, weeks for attacking.

Apply nottodayhoney.block globally or per route group to deny blocked IPs access instantly.

Fake WordPress, phpMyAdmin, and admin pages with HTTP fingerprinting to attract CVE scanners and credential-stuffing bots.

Truncated SHA256 comparison against known password lists. Immediate escalation to Attacking on match.