Episode 5 "Honeyblock, Nice Dash, Zazzle"

Episode 5 of the Drupal Sandbox Podcast includes three new modules:

The first, Honeyblock is a security module that integrates with Project Honeypot to stop spammers, email harvesters and attackers.

An alternative implementation of Project Honeypot's HTTP Blacklist for Drupal 7

Honeyblock features have now been incorporated into httpBL

(see way below for info on legacy Drupal 6 beta version)

Key Features:

Project Honeypot Blacklist lookups for visitor IPs
Blocking of current and future requests from blacklisted IPs
Local database caching, decreases DNS lookups on repeated visit attempts
Honeypot link placement on ban page and optionally in footer
Session and cached Whitelisting
Greylisting: Intermediate blocking of medium-threat IPs, grants user access after passing a simple test
Optional Comment checking only (re-writes comments from bad IPs and bans from future visits)
Optional 3 levels of logging (Error only, Positive Lookups or Verbose)
Length of time cached visits are held are determined by configurable settings
Default Views included (see blocked and whitelisted IPs with links to their Honeypot profiles)
Basic statistics on the number of blocked visits
Can be used for Honeypot link placement only (no blocking)
Honeyblock stops reputed email harvesters, dictionary attackers, comment spammers and other
disreputable, nuisance traffic from visiting your site by using the centralized DNS blacklist at
Project Honeypot (http://www.projecthoneypot.org/).

Honeyblock requires a free Project Honey Pot membership. Honeyblock provides fast and efficient blacklist lookups and blocks first-time malicious visitors. IPs of previously blocked visitors are stored locally and kept from returning for admin configurable periods of time, without additional lookups being required during that time. Blacklisted IPs are added to Drupal's "blocked_ips" table. Likewise, non-threatening IPs are also stored locally for configurable periods of time, during which additional DNS lookups are not required for their return visits.

Honeyblock includes optional logging on three levels: Off - (errors only), Positive Lookups (when IP's are grey or blacklisted), and Verbose (useful for testing and gaining trust).

Honeyblock also includes two default Views reports, one for blocked IPs and one for cleared IPs. You can use these instead of logging. IPs are listed along with their status, and the IP links directly to its profile in Project Honeypot, so you can quickly see where it came from and why it was blocked.

Honeyblock can also be configured to lookup IPs only for commenters when comments are placed. If commenter is found in blacklist lookup, comment is re-written (queuing for moderation is also available, depending on Drupal's core comment permissions). In the event the commenter is actually human, error messages and the re-written comment will alert and inform them as to why their comment was blocked.

Honeyblock can also place hidden Honeypot links in page footers. These make it possible for you to participate and "give back" to Project Honeypot, by catching newer nuisance IPs that may not yet be ranked as threats in Project Honeypot profiles. They find these links irresistable, and "clicking" these links reports them and their ill-intent.

* Version 6.x-1.1.beta1
* Earlier D6 version (I consider this stable as I've been using this for nearly two years)

Key Features differences from httpbl (drupal 6):

* Optional Logging of Positive Lookups (Logging works but you can turn it off if you don't want it)
* Length of time cached visits are held are determined by configurable settings.
* Default Views included (see blocked IPs with links to their Honeypot profiles)

The second project for today is the Nice Dash project that adds some improvements and simplification to the default dashboard.

This module makes the lifes of editors and webmasters a bit easier. We want to make it as easy as possible for Drupal end-users to have all the tools at a central spot. In trainings with customers it was sometimes very hard to explain how to get at the right spots to alter content. As a webmaster they can create a dashboard with all the widgets you think are needed the most.

Module sponsored by Nascom and Villa Viscom

The third project for today is Zazzle. If you don't need a full e-commerce solution, like Drupal Commerce or if you already have a Zazzle store, this module adds integration for using that service.

This project adds zazzle storebuilder to your drupal website. It does this by importing all you products from a max of 10 stores to a drupal database. From there you can display the products the way you want to.