Yellow Pencil!

Now and then I'll examine the 404 logs and see which non-existant URLs people have tried to visit.  Sometimes it's just web crawlers looking for meta data, and other times it's malicious scumbags looking for ways to hack their way into the backend.  In the case of the former, I often learn something new and create the missing page for the web crawler.  In the case of the latter, I might create a page of misdirection or go so far as to create a trap that results in would-be hackers getting themselves banned.

Some of my “ban traps” are fake log-in prompts that require an active effort just to find them followed by persistence to trigger a ban, while others may immediately result in banning as only a malicious actor would be actively seeking that file.

This here is a “safe view” of a trap I made for shitheads trying to exploit the YellowPencil WordPress plug-in's major security vulnerability from early 2019.  This website does not use WordPress.  Any attacker attempting to use the YellowPencil exploit will see this real-time clock made of yellow pencils, along with the message, “Why are you wasting your time on such dishonest efforts?”

As of this writing I only ever ensnared one attacker, from Zhengzhou, China according to his IP address.  YellowPencil's vulnerability got patched quite quickly so I would guess attackers have likely abandoned that one attack vector by now.  Nonetheless, it was fun programming the analog clock.