Answer the question
In order to leave comments, you need to log in
V
V
vladislav9972021-10-01 13:00:32
vladislav997, 2021-10-01 13:00:32
How to protect against requests like "GET /.env", "GET /admin/cofing.php", "GET /owa/auth/logon.aspx" and others?
This is the situation, I watch the logs, and someone (I guess automatically) has been sending the same requests like this for more than a week:
GET /.env
GET /admin//config.php
GET /_profiler
GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.exporttool.application
GET /owa/auth/logon.aspx
GET /owa/auth/x.js
GET /atom.xml
GET /.vscode/sftp.json
GET /.vscode/sftp.json
GET /sftp-config.json
GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.phpOn the one hand, it starts to strain at times, because then it takes longer to analyze normal logs.
On the other hand, something suddenly "passes through" somewhere and this mother's hacker gets access.
Question: how best to protect yourself from such a smart guy? The project is spinning on a symphony. I have an option to catch on the 404 page that his IP is given to him, and block, but usually the IPs are dynamic, and this is unlikely to help. Or should you just calm down?
Similar questions
T
U
Z
M
K
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question