10
cursee
6y

Question for Web Server Gurus and Security Ninjas.

How to prevent bots, crawlers, spammers sending various numerous requests to your web servers?

There have been numerous requests to routes like /admin /ssh /phpmyadmin etc etc and all kinds of stuff to the web server.

Is there a way to automatically block those stupid IPs :/

Comments
  • 7
    Fail2ban is simple and reasonably effective
  • 5
    With ipset you can create a list of ip and ip blocks to avoid (it works in combination with iptables).
    The idea is:
    1) get an incoming packet
    2) check if it comes from the list of banned ips; if yes, discard it
    3) otherwise, keep traversing the other iptables rules
  • 4
    Unix: fail2ban

    Windows: wail2ban (I’ve never used it but it’s out there)
  • 1
    As others have mentioned, fail2ban, and lock down certain pages to specific addresses.
  • 0
    Ok probably the most noob question you have every seen regarding this topic.

    The devs said they have setup everything and also using cloudflare.

    So why do I still see those requests in the logs?
  • 0
    @cursee cloudflare enterprise?
  • 3
    Nginx rate limiting and CSF?
  • 1
    ipset, Fail2ban, Imunify360, CSF/LFD
  • 0
    Thank guys. I have advised them to learn about fail2ban and implement it.

    Let's see 😁

    I'll share update here if there is any.

    Personally I just use someone's services for my projects if it's something I'm not strong at. This advice is for a friend.
Add Comment