<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom"><channel><title>Threat Hunting III: HTTP Honeypot :: Forensic wheels</title><link>https://polymathmonkey.github.io/weblog/artifacts/honeyhttpd/index.html</link><description>Table of Contents: Introduction; Architecture Overview; Containerizing with Docker; Configuration; Code Improvements; ApachePasswordServer.py; ElasticSearchLogger.py; Advantages Over the Original; Testing; Next Steps; Summary.

Introduction

I set out to build a honeypot that captures HTTP attack traffic and forwards it directly to Elasticsearch for analysis. Instead of reinventing the wheel, I built on top of honeyhttpd by bocajspear1 and added structured logging, credential extraction, and proper sanitization.
The result is a production-ready honeypot that simulates an Apache server protected by HTTP Basic Authentication, capturing attacker credentials and request metadata in queryable Elasticsearch documents.</description><generator>Hugo</generator><language>en-us</language><copyright>All text is licensed under a Creative Commons Attribution 4.0 International License.</copyright><lastBuildDate/><atom:link href="https://polymathmonkey.github.io/weblog/artifacts/honeyhttpd/feed.xml" rel="self" type="application/rss+xml"/></channel></rss>