New idea: HTTarPit

Listen to a socket, accept connections, wrap the socket in TLS and send the right certificate (use a library for this bit). Use poll to manage sockets, don't need to keep state. While a socket is open, read and drop incoming bytes, write an outgoing space every 20 seconds.

Problem is, looking at the spec, won't work. Http response has to start "HTTP-version SP status-code SP" RFC 9112 Sec 4, so we'll need to keep at least enough state to send that first, although a 13 byte buffer isn't that much.

Not sure what status code to use, but making it configurable solves that problem in the short term.

Sounds like a fun C programming exercise, a fairly classic use of poll that should be able to run under fairly restricted resources and might end up slightly annoying a bot operator.

MVP: Get it working.

Post MVP: Record (and report!) stats. Total connections, bytes received/sent, time connections held open (min/max/average, maybe a histogram once it's clear what size buckets to use). If I wanted to put the time into parsing the HTTP request I could gather stats from headers (UserAgent mostly), and maybe even respond properly to specific URLs (/robots.txt, and maybe something human readable for /), but that significantly increases the complexity and attack surface. But it would be fun.