Some spambots hammer my server with nonexisting paths like /user/pass?=asdfdasfas How could I block any access to /user/pass?=* ?
Is there a better tool than iptables or csf for catching such crap?
Asked
Active
Viewed 237 times
1 Answers
4
We use fail2ban
It automatically blocks the IP of the spambot or malicious user for a user defined period of time once it detects a user defined number of requests to non-existent pages, failed login attempts etc. We currently use it to protect against ssh attacks but are now extending it to our website.
user2930083
- 56
- 1
-
... and txt2re.com is your new friend – manjiki Nov 29 '13 at 10:55