0=A: Trap or ban this sort of activity

#110351 (In Topic #22008)
TQ
Honoured member

Hi All,

Is there any way that I can trap or ban people trying to hack my site using this sort of technique?

The situation is that OCP stops their progress (as far as I know) so no harm is coming from it but the number of messages I receive informing me of this activity is clogging up my system. Today just under 40, yesterday about 90 and the day before well in excess of 600. There was one occasion where a concerted effort by multiple IPs made it run to many thousands.

I do not want to stop the emails themselves, I need to know when something is going on. If I'm around when it happens I can check the server and ban the IP directly but if I'm not around I don't get to see the IP plus it can put a lot of pressure on my server.

In its simplest form, I suppose that a trap that sees a (guest) user receive the '...does not exist' in

Code

The requested resource (:downloads' or 1='0=A and '1'='1) does not exist.

more than x times would be locked out.

As I write I'm wondering if IIRF could help me with this. Does anyone have any thoughts on this approach?

I'd appreciate any suggestions or guidance on this nuisance problem.

TQ
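
The trap described in the post above, as an added example that is not code from ocPortal or from anyone in this thread: it counts probe-shaped "does not exist" requests per IP inside a sliding time window and returns the IPs that reach the threshold, while ordinary mistyped URLs never count. The log line format, the sample addresses and timestamps, and the name `ips_to_ban` are assumptions made for the example.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample lines (assumed format: ISO time, client IP, requested resource).
SAMPLE_LOG = """\
2015-06-01T10:00:01 203.0.113.7 :downloads' or 1='0=A and '1'='1
2015-06-01T10:00:03 203.0.113.7 :downloads' or 1='0=A and '1'='1
2015-06-01T10:00:04 198.51.100.20 :downloads
2015-06-01T10:00:09 203.0.113.7 :forum' OR '1'='1
2015-06-01T10:02:00 198.51.100.20 :dowloads
2015-06-01T11:30:00 192.0.2.44 :news' and '1'='1
2015-06-01T11:30:05 203.0.113.7 :downloads' or 1='0=A and '1'='1
"""

# A quote followed by a boolean operator and a comparison: the probe shape in the post.
PROBE = re.compile(r"'\s*(?:or|and)\s+['\w]+\s*=", re.IGNORECASE)

def ips_to_ban(log_text, threshold=3, window=timedelta(minutes=5)):
    """Return IPs that sent `threshold` or more probe-like requests within `window`."""
    recent = defaultdict(deque)   # ip -> timestamps of probe hits still inside the window
    flagged = []
    for line in log_text.splitlines():
        parts = line.split(" ", 2)
        if len(parts) != 3:
            continue              # skip malformed lines rather than crash
        stamp, ip, resource = parts
        if not PROBE.search(resource):
            continue              # ordinary 404s (typos, dead links) never count
        when = datetime.fromisoformat(stamp)
        hits = recent[ip]
        hits.append(when)
        while when - hits[0] > window:
            hits.popleft()        # drop hits that have aged out of the window
        if len(hits) >= threshold and ip not in flagged:
            flagged.append(ip)
    return flagged

if __name__ == "__main__":
    for ip in ips_to_ban(SAMPLE_LOG):
        print(ip)
```

The returned addresses are candidates for whatever deny mechanism the server already has, so the notification emails can stay switched on while repeat offenders are cut off.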
 
#110353
Hi,

I don't know about IIRF but you can certainly do blocks using rewrites in Apache…

https://perishablepress.com/eight-ways-to-blacklist-with-apaches-mod_rewrite/

Might provide some ideas.


 
#110355
TQ
Honoured member

Hi Chris,

Thank you for the pointer, very interesting article.

I think I've got it under control now, had a few wrinkles but I may be over them now.

Thanks again

TQ