HTTP Auth Honeypot

Is there any sort of page or security rule that I could use to enact a honeypot on my domain? One of the apps that I’m using uses HTTP Basic Authentication for administrative login, and I’ve been having a recurring problem with what appears to be bots going through and hitting random IDs on the system trying to login. However, there is a (disabled) default administrator user that is hit every time I see one of these attacks come through. I wanted to know if there was some rule I could setup that says every time CF sees a login attempt on this particular user ID, that the user would be blocked or subject to CF security rules.

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.