As my framework of choice is Django, we’ll focus on that.

To beign, you’ll need to request your http:BL API Access Key here. It is also suggested, but not required, that you configure your QuickLink (more on this below).

Now, in your settings.py you’ll want to add your http:BL API Key ‘HTTPBLKEY’.
HTTPBLKEY = 'opqrstuvwxyz'

Next you’ll need to include your httpbl middleware in MIDDLEWARE_CLASSES
MIDDLEWARE_CLASSES = ( .... 'projectname.middleware.httpbl.HttpBLMiddleware', .... )

You’ll want to place the middleware file, named httpbl.py in your project/middleware directory. If this does not exist, you will need to create it and place an empty __init__.py file in it.

project/middleware/httpbl.py(download)
from django.conf import settings from django.http import HttpResponseNotFound, HttpResponsePermanentRedirect import socket class HttpBLMiddleware(object): """ "HttpBL" Middleware by iamtgc@gmail.com """ def __init__(self, age=None, threat=None, classification=None): if age is None: self.age = getattr(settings, 'HTTPBLAGE', 14) else: self.age = age if threat is None: self.threat = getattr(settings, 'HTTPBLTHREAT', 30) else: self.threat = threat if classification is None: self.classification = getattr(settings, 'HTTPBLCLASS', 7) else: self.classification = classification def process_request(self, request): if settings.HTTPBLKEY: ip = request.META.get('REMOTE_ADDR') iplist = ip.split('.') iplist.reverse() domain = 'dnsbl.httpbl.org' query = settings.HTTPBLKEY + "." + ".".join(iplist) + "." + domain try: result = socket.gethostbyname(query) except socket.gaierror: return None resultlist = result.split('.') if (int(resultlist[1]) <= self.age and int(resultlist[2]) >= self.threat and int(resultlist[3]) & self.classification > 0): if settings.HTTPBLREDIRECT: return HttpResponsePermanentRedirect(settings.HTTPBLREDIRECT) else: return HttpResponseNotFound('<h1>Not Found</h1>') return None

This should be all you need to be on your way and protecting your Django site from suspicious hosts, email harvesters, and comment spammers. But who am I to tell you what your settings should be? Here are the additional settings you can define in settings.py. The octets that these variables correspond with are fully documented in Http:BL API Specification – Query Responses.
# HTTBLAGE - represents the number of days since activity was seen on the Honey Pot network. Defaults to 14 HTTPBLAGE = 14 # HTTPBLTHREAT = threat score assigned by Project Honey Pot, higher number is more of a threat. Defaults to 30 HTTPBLTHREAT = 30 # HTTPBLCLASS = bitset category, see API doc for more details. Defaults to 7 = Suspicious & Harvester & Comment Spammer HTTPBLCLASS = 7

As mentioned above, it is suggested that you configure a QuickLink. If configured, you should set HTTPBLREDIRECT to your QuickLink URL to redirect any “bad” traffic away from your site and into a honeypot. Again, this would be defined in settings.py.
# HTTPBLREDIRECT = QuickLink Honey Pot URL that we direct the bad traffic to. Default = "Not Found" response, no redirection. HTTPBLREDIRECT = 'http://some.honeypot.url/goes/here'