17,908 attacks caught across 5 servers in 9 days

Your Firewall Can’t Block Port 443

Your customers need it open. So do attackers. TarPit.pro identifies who's who, and blocks attackers from everything, including your live services.

Start Free, 2 Servers, No CardSee How It Works
90 seconds to first banned attacker
7,444 IPs auto-banned in 9 days
Single binary, no Docker
Without TarPit.pro

# Your firewall rules:

port 22  OPEN ← attackers try SSH

port 80  OPEN ← attackers try HTTP

port 443 OPEN ← attackers try HTTPS

port *   DROP ← everything else blocked

Attackers have full access to your

live services. Firewall can't help.

With TarPit.pro

# Attacker scans your server:

→ :3306 MySQL FAKE BANNED

# Now blocked from ALL ports:

port 22  BLOCKED ← can't reach SSH

port 80  BLOCKED ← can't reach HTTP

port 443 BLOCKED ← can't reach HTTPS

Attacker can't see your server.

Customers connect normally.

Nobody with good intentions connects uninvited to a fake MySQL on port 3306. Anyone who does is not a customer. Ban them from everything, including the ports your customers need open.

One Dashboard. Every Server. Every Attack.

Real-time attack map, detailed logs with payloads, and fleet-wide ban management. The screenshots your clients will love in monthly reports.

TarPit.pro live attack map showing real-time attacks across servers
TarPit.pro attack details with geo data and payload hex dump

The Math Is Simple

30+
Fake Ports Open

SSH, MySQL, Redis, Telnet, RDP, VNC, SMB, all fake, all with realistic banners

95%
Hit a Fake Port First

Scanners probe sequentially. With 30 fake ports and 2-3 real ones, they almost always hit a trap first

0
False Positives

No customer ever connects to a fake MySQL on port 3306. Every connection is malicious. Every ban is correct.

Your firewall protects closed ports. TarPit.pro protects the open ones, by making sure only customers can reach them.

Real Data from Real Honeypots

5 servers, 3 regions, 9 days. Every one of these IPs would have had full access to our live services.

Most Attacked Ports

SSH7,354
Telnet1,352
SMB901
HTTP-alt872
VNC761
MSSQL663
RDP610

The same IPs that hit these fake ports would have tried your real ones next.

Attack Types

Brute-force9,593
Scanning2,596
Probing1,322
Malware704
Exploits13

53% is brute-force. Not sophisticated, just relentless. And it only takes one success.

Top Source Countries

United States5,319
China1,847
Netherlands1,362
United Kingdom1,007
India804
Hong Kong695

US leads, attackers rent cheap cloud VPS instances there.

Up and Running in 60 Seconds

One command to install. One command to start. No Docker, no dependencies, no config files.

1

Install

Single binary. Linux, macOS, Windows. No Docker, no dependencies.

curl -sSL https://get.tarpit.pro | sh
2

Activate

Register free at tarpit.pro, grab your license key, activate.

tarpit-pro activate YOUR_KEY
3

Start

Fake ports go live. Attackers get caught and banned from ALL ports via iptables, including your real services.

sudo tarpit-pro start
4

Watch

Open the dashboard. See who's been trying to reach your servers. They can't anymore.

tarpit-pro status

# 30 ports active, 47 IPs banned
# Uptime: 3d 14h 22m
Get Started Free

Not a Replacement. A Filter.

Your firewall, fail2ban, WAF, they all still do their job. TarPit.pro makes them better by filtering out attackers before they reach any of it.

Without TarPit.pro

AttackerFirewallFail2ban (after 5 tries)Banned (too late)

Attacker gets 5 free shots at your real SSH before anything happens.

With TarPit.pro

AttackerFake port 3306Banned from ALL ports

Attacker never reaches SSH, HTTP, or anything real. Zero attempts on live services.

Built For Teams That Manage Servers

Whether it's 2 servers or 200, every one of them has open ports that attackers can reach right now.

MSPs

Deploy across all client servers in minutes. Fleet bans propagate instantly. One attacker caught on one server can't reach any of your clients.

Learn more

Web Agencies

Attackers scanning port 3306 on your WordPress servers get banned before they ever find wp-login on port 443. Your clients' sites become invisible to scanners.

Learn more

E-commerce

Your checkout runs on 443. So do carding bots. TarPit.pro catches them on fake ports first and blocks them from your entire store.

Learn more

SaaS & Startups

Your API is on 443. Your database is firewalled but your app server isn't. TarPit.pro filters out attackers before they probe for vulnerabilities.

Learn more

How It Pays for Itself

Deploy in 60 Seconds

One install command per server. No config files, no Docker, no firewall rules to write. Runs as a systemd service.

Show Clients the Data

“Your server blocked 847 attackers from all services this month.” That's a line item that justifies itself.

Fleet-Wide Protection

One server catches an attacker, all servers in the fleet ban them. One dashboard for every client, every server.

Your Live Services Are Open Right Now

Every attacker scanning the internet can reach your port 22, 80, and 443. Start filtering them out in 60 seconds. Free for 2 servers, no credit card.

Paid plans from $10/server/month for fleet management, extended storage, and CVE detection. See pricing

Get Started Free