DEV Community

Ali nazari

Express.js honeypot 🍯🐝

Hey there, fellow devs!

In today’s fast-paced web world, keeping your admin routes locked down is more important than ever. Let’s face it—no one wants uninvited guests snooping around your backend.

That’s why I built express-admin-honeypot, a lightweight Express middleware that acts as a decoy for your admin panel.

It logs sneaky access attempts and helps you learn who’s trying to break in, all while keeping your real admin area under wraps.

Getting Started

Setting up node-admin-honeypot is a breeze. Here’s how you can get it rolling in your Express app:

1. Install the Package

npm install node-admin-honeypot

2. Use the Middleware

Add it to your app with default settings. It protects the /admin path by default and serves a built-in fake admin page.

import express from 'express';
import {honeypot} from 'express-admin-honeypot';

const app = express();

app.use(honeypot());

app.get('/', (req, res) => {
  res.send('Welcome to the real app!');
});

app.listen(3000, () => console.log('Server running on port 3000'));
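
As an added illustration (not the package's own code or API), here is a hand-rolled middleware showing the decoy pattern described above: it answers the /admin path with a fake page, reports each hit through a callback, and tallies hits per source address. The names decoyAdmin, hitsByIp, FAKE_LOGIN and the record fields are hypothetical, and stub request/response objects stand in for Express so the demo runs offline.

```javascript
// Added illustration: NOT the source of express-admin-honeypot.
// decoyAdmin, hitsByIp, FAKE_LOGIN and the record fields are hypothetical names.
const FAKE_LOGIN = '<form method="post"><input name="user"><input name="pass" type="password"></form>';

function decoyAdmin({ path = '/admin', onHit = () => {} } = {}) {
  return function (req, res, next) {
    // Match the decoy path and anything below it; pass everything else on.
    const p = (req.path || '').toLowerCase();
    if (p !== path && !p.startsWith(path + '/')) return next();

    // Record who probed; request bodies (submitted credentials) are never stored.
    onHit({
      time: new Date().toISOString(),
      ip: req.ip,
      method: req.method,
      path: req.path,
      userAgent: (req.headers && req.headers['user-agent']) || '',
    });

    // Same fake page for every request, so the response does not vary with input.
    res.status(200).type('html').send(FAKE_LOGIN);
  };
}

// Count hits per source address so repeat probers stand out in review.
function hitsByIp(hits) {
  const counts = new Map();
  for (const h of hits) counts.set(h.ip, (counts.get(h.ip) || 0) + 1);
  return counts;
}

// Constructed demo: stub req/res objects stand in for Express.
function demo() {
  const hits = [];
  const mw = decoyAdmin({ onHit: (h) => hits.push(h) });
  const res = { code: 0, status(c) { this.code = c; return this; },
                type() { return this; }, send() { return this; } };
  let passed = 0;
  const reqs = [ // constructed sample requests (documentation IP ranges)
    { method: 'GET', path: '/admin', ip: '203.0.113.7', headers: { 'user-agent': 'curl/8.0' } },
    { method: 'POST', path: '/admin/login', ip: '203.0.113.7', headers: {} },
    { method: 'GET', path: '/administrator', ip: '198.51.100.2', headers: {} },
    { method: 'GET', path: '/', ip: '198.51.100.2', headers: {} },
  ];
  for (const r of reqs) mw(r, res, () => { passed += 1; });
  return { hits, passed, counts: hitsByIp(hits), lastStatus: res.code };
}
```

In a real app the same function mounts with app.use(decoyAdmin({ onHit })), with onHit forwarding each record to whatever logger you already use.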

Key Features

  • Lightweight: check out the Bundlephobia stats

  • TypeScript friendly

  • Module Support: Works seamlessly with both ESM and CommonJS.

  • Flexible Logging: Compatible with popular loggers like Pino, Winston, and more.

  • Event-Driven: Supports events so you can hook into intrusion attempts and customize responses.

Join the Community!

If you like what you see, please consider starring the GitHub repository and sharing your thoughts.

Your stars help boost the project, letting more developers discover and benefit from this simple security tool.

Final Thoughts

Check out our npm page for comprehensive documentation, detailed examples, and more insights on how to secure your Express applications!


Top comments (4)

Scott

This is cool. I've thought about setting up something like this for SSH, so it's interesting to see it applied to Express.js.

Is it only compatible with Express.js or would it work with other JavaScript frameworks as well?

Ali nazari

Thanks! Right now, it's specifically built for Express.js, but support for other frameworks is planned for the future. :)

William

This honeypot sounds like a smart way to keep things secure, awesome job!

Ali nazari

Thank you so much!
