The 404Project collects "Page Not Found" errors from web servers. To particiapte, use our Raspberry Pi Honeypot, or add one of the code snippets below to your custom 404 error page.
We started the project to find an easy way to look at web application attack trends. Attackers often search for vulnerable applications, and in the process generate 404 errors on sites that do not use these applications. The error logs give us an insight into what vulnerabilities attackers attempt to exploit.
You must have an ISC Portal ID and API Key to use this tool. Once logged in and submitting data, you can view your honeypot web logs. Jump to the Instructions to get started!
The following fields are collected in addition to being stored with the date, time and your credentials:
- Full request URL including parameters ($_SERVER['REQUEST_URI'])
- Client IP address ($_SERVER['REMOTE_ADDR'])
- Client User-Agent ($_SERVER['HTTP_USER_AGENT'])
Optionally you can mask an IP for privacy or legal concerns. Mask ranges from 0xff000000/8 to no mask 0xffffffff/32 can be applied.
Please contact us with feedback or if you experience and trouble or need further assistance setting this up.
- Sign Up for an ISC account or, if you are currently a member, login and visit My Account then go to the next step
- Note your userID number in the right column under "Logged in as:" on My Account
- Note your "Your Authentication Key:" in section My Account
- Paste this PHP code snippet into your 404 error page
- In the code, update [Your ISC ID] and [Your Authentication Key] with the info you noted from My Account
- Edward created this 404Project PERL port  of the code after learning of our 404Project from a post on the Emerging Threats Signature Discussion.
- Steve Milner posted a Python port  of the code. SHA1SUM: 12394939d264d7c10531f781b9184dfd2d1435c1
- Joseph Faust created a .NET port  of the code.
- Joachim Kainz posted the node-404project .
 Indicates code not developed or maintained by the Internet Storm Center. Please evaluate carefully and contact the developer directly for support.