Changes
- HTTP honeypots can now optionally serve static content from a directory.
- To enable, set the
<homePagePath>...</homePagePath>setting in the honeypot configuration to a directory. - The honeypot will serve files rooted at the specified directory, including subdirectories.
- When an HTTP request targets a directory (including the root), the honeypot will serve an
index.htmlfile if present.
- To enable, set the
- The threat feed server now supports HTTPS via optional configuration.
- To enable, include
<enableTLS>true</enableTLS>within the<threatFeed>...</threatFeed>section of the configuration file. - Use the
<certPath>and<keyPath>settings to specify the locations of your TLS certificate and private key (PEM format). - If the paths specified don't exist, the threat feed will automatically generate a self-signed certificate.
- Default configuration files have been updated to include these settings. Existing configurations don't require any changes unless you want to enable this feature.
- To enable, include
- A fixed delay has been added to HTTP honeypots when using the built-in default response (when
homePagePathisn't set).- The default response prompts clients for basic auth.
- If credentials are submitted, a short delay is added before re-prompting.
- The delay simulates a more realistic basic auth interaction.
Full Changelog: v0.62.0...v0.63.0
Binaries built with Go 1.24.2 using make all from the project root.