Decoy Links
Hidden honeypot URLs that only bots and attackers will find. Legitimate users never see them.
WebDecoy Documentation
Deception-based threat detection for your web applications
What is WebDecoy?
Section titled “What is WebDecoy?”WebDecoy is a deception-based threat detection platform that helps you identify and respond to malicious actors targeting your web applications. By deploying honeypots, decoy links, and bot scanners, you can detect attackers before they reach your real assets.
API Honeypots
Fake API endpoints that capture attack attempts including SQL injection, XSS, and more.
Bot Scanner
JavaScript-based detection that identifies headless browsers, automation tools, and scrapers.
MITRE ATT&CK
Automatic classification of detected threats using the industry-standard MITRE ATT&CK framework.
Quick Links
Section titled “Quick Links”Getting Started
New to WebDecoy? Start here to set up your account and deploy your first decoys.
Protection Setup
Learn how to configure custom domains, create decoys, and set up bot scanners.
Monitoring
View and analyze detections, understand threat scoring, and learn about MITRE tactics.
Integrations
Connect WebDecoy to Cloudflare, Slack, webhooks, and more for automated responses.
Platform Features
Section titled “Platform Features”Unified Threat Scoring
Section titled “Unified Threat Scoring”Every detection includes a 0-100 threat score calculated from multiple signals:
| Score Range | Level | Recommended Action |
|---|---|---|
| 0-20 | MINIMAL | Allow |
| 21-40 | LOW | Log |
| 41-60 | MEDIUM | Monitor/Challenge |
| 61-80 | HIGH | Challenge/Block |
| 81-100 | CRITICAL | Block |
Multi-Tenant Architecture
Section titled “Multi-Tenant Architecture”- Organizations - Top-level containers for billing and access control
- Properties - Logical groupings for different websites or environments
- API Keys - Scoped access for SDKs and integrations
SSL Certificate Automation
Section titled “SSL Certificate Automation”WebDecoy automatically provisions Let’s Encrypt SSL certificates for your custom domains, ensuring your honeypots use HTTPS.
SDK & Plugins
Section titled “SDK & Plugins”WordPress Plugin
Comprehensive bot protection for WordPress sites without writing any code.
Node.js SDK
Server-side bot detection for Express, Next.js, and Fastify applications.
Reference
Section titled “Reference”Looking for specific information?
- Troubleshooting Guide - Common issues and solutions
- Best Practices - Deployment recommendations
- Glossary - Term definitions
- API Reference - REST API endpoints
- Attack Signatures - Detected attack patterns
- Good Bot List - Legitimate bots recognized by WebDecoy