Trigger IP ban based on request of given file?

Posted by Mike Atlas on Pro Webmasters See other posts from Pro Webmasters or by Mike Atlas
Published on 2011-02-16T17:48:41Z Indexed on 2011/02/16 23:35 UTC
Read the original article Hit count: 300

Filed under:
|
|

I run a website where "x.php" was known to have vulnerabilities. The vulnerability has been fixed and I don't have "x.php" on my site anymore.

As such with major public vulnerabilities, it seems script kiddies around are running tools that hitting my site looking for "x.php" in the entire structure of the site - constantly, 24/7.

This is wasted bandwidth, traffic and load that I don't really need.

Is there a way to trigger a time-based (or permanent) ban to an IP address that tries to access "x.php" anywhere on my site?

Perhaps I need a custom 404 PHP page that captures the fact that the request was for "x.php" and then that triggers the ban? How can I do that?

Thanks!

EDIT:

I should add that part of hardening my site, I've started using ZBBlock:

This php security script is designed to detect certain behaviors detrimental to websites, or known bad addresses attempting to access your site. It then will send the bad robot (usually) or hacker an authentic 403 FORBIDDEN page with a description of what the problem was. If the attacker persists, then they will be served up a permanently reccurring 503 OVERLOAD message with a 24 hour timeout.

But ZBBlock doesn't do quite exactly what I want to do, it does help with other spam/script/hack blocking.

© Pro Webmasters or respective owner

Related posts about security

Related posts about htaccess