Single-file PHP dashboard with dark theme, tabbed views for
overview, credentials, passwords, usernames, IPs, countries,
and timeline. Token-based auth prevents unauthorized access.
Reads JSONL intel log directly, no database needed.

- Block direct web access to wp-trap-config.php via Apache <Files> rule
- Change state directory from /tmp (world-readable) to /var/lib/wp-honeypot
- Create state dir with 0700 perms (www-data only)
- Set log files to 0640 instead of 0644
- Install script now creates state dir with correct ownership

Pixel-perfect fake wp-login.php with progressive tarpit delays,
full credential/header/geo intelligence logging (JSONL), and
fail2ban integration for 30-day IP bans.

Includes automated installer supporting local, SSH, and Proxmox
LXC deployment modes, plus a CLI intelligence viewer.