31 Aug
2011
31 Aug
'11
5:25 p.m.
On Wed, 2011-08-31 at 10:17 -0700, John R Pierce wrote:
anyways, your webserver already filters these out, its not going to respond to an invalid URL with anything other than '404'. thats its job.
The 'error' is trapped; a PHP routine examines the URL for known (in a list) hacker strings; if an established 'hacker' string is detected the site's .htaccess file is updated with a 'deny from' statement; in all instances an email is sent to the systems' monitor.
Oh, and a suitable customised web page is displayed in response.
An improvement is the real-time adding of block IP commands to IP Tables.
Paul.