Blocking path scanning
Posted
by
clinisbut
on Pro Webmasters
See other posts from Pro Webmasters
or by clinisbut
Published on 2011-11-18T12:14:26Z
Indexed on
2011/11/18
18:04 UTC
Read the original article
Hit count: 259
I'm seeing in my access log a number of request very suspicious:
/i
/im
/imaa
/imag
/image
/images
/images/d
/images/di
/images/dis
They part from a known resource (in the above example /images/disrupt.jpg).
All comming from same IP. Requests varies from 1/sec to 10/sec, seems somewhat random.
It's obviously they are trying to find something and seems they are using a script.
How do I block this kind of behaviour? I though of blocking the IP request, at least for a given time. Keeping in mind that:
- Request intervals seems legitimate (at least I think so).
- I don't want to end blocking a search engine bot, which may find 404 urls too (and that's a different problem, I know). ¿Do they use always same IP?
© Pro Webmasters or respective owner