Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.dhal.rokad.co/llms.txt

Use this file to discover all available pages before exploring further.

Honeypot canaries

Honeypot canaries are routes, query params, or headers that normal clients should not use. 
{
  "rules": {
    "honeypot": {
      "enabled": true,
      "headers": ["x-dhal-honeypot", "x-honeypot"],
      "queryParams": ["dhal_hp", "_dhal_canary"],
      "paths": ["/__dhal_honeypot", "/.env", "/wp-login.php"]
    }
  }
}
Honeypots are high-confidence signals for scanners and abusive automation. Use them to:
  • raise severity;
  • trigger webhook alerts;
  • block on route profiles;
  • correlate IPs with later abuse.

Do not expose real functionality

Honeypot paths should never serve sensitive logic. They exist only as canaries.