Some spambots hammer my server with nonexisting paths like /user/pass?=asdfdasfas How could I block any access to /user/pass?=* ?
Is there a better tool than iptables or csf for catching such crap?
Some spambots hammer my server with nonexisting paths like /user/pass?=asdfdasfas How could I block any access to /user/pass?=* ?
Is there a better tool than iptables or csf for catching such crap?
We use fail2ban
It automatically blocks the IP of the spambot or malicious user for a user defined period of time once it detects a user defined number of requests to non-existent pages, failed login attempts etc. We currently use it to protect against ssh attacks but are now extending it to our website.