Honeybadger and Bandit, Phoenix, Plug errors

matt-savvy · April 25, 2026, 4:16pm

Anyone here using Honeybadger?

My Honeybadger account is being overwhelmed with noise from some bots. Seeing a lot of

Bandit.HTTPError and Bandit.TransportErrors (looks like someone is trying to send packets that aren’t HTTP requests)
Plug.CSRFProtection.InvalidCSRFTokenError (trying to make bogus POST requests)
Phoenix.NotAcceptableError (Expected one of [“html”] but got the following formats: * “text/plain” …)

For the Bandit errors, I would imagine these should be ignored since I have log_protocol_errors: false .
My endpoint that looks like this:

  config :my_app, MyApp.Endpoint,
    url: [host: host, port: 443, scheme: "https"],
    https: [
      ...
      http_options: [log_protocol_errors: false]
    ],
	...

Relevant bandit docs:

I’m not really sure why I’m getting these Phoenix errors at all. The urls they’re making requests to are totally bogus, I would think that these would just 404.

As for the rest, what are you doing to filter these out? Or just bulk ignoring in Honeybadger and getting on with your day?

Thanks

matt-savvy · April 25, 2026, 4:22pm

Also, if anyone has anything to share on how they’re filtering these bots out in the first place, I’m all ears.