Blocking path scanning

Posted by clinisbut on Pro Webmasters See other posts from Pro Webmasters or by clinisbut
Published on 2011-11-18T12:14:26Z Indexed on 2011/11/18 18:04 UTC
Read the original article Hit count: 259

Filed under:
|
|

I'm seeing in my access log a number of request very suspicious:

/i
/im
/imaa
/imag
/image
/images
/images/d 
/images/di
/images/dis

They part from a known resource (in the above example /images/disrupt.jpg).

All comming from same IP. Requests varies from 1/sec to 10/sec, seems somewhat random.
It's obviously they are trying to find something and seems they are using a script.

How do I block this kind of behaviour? I though of blocking the IP request, at least for a given time. Keeping in mind that:

  • Request intervals seems legitimate (at least I think so).
  • I don't want to end blocking a search engine bot, which may find 404 urls too (and that's a different problem, I know). ¿Do they use always same IP?

© Pro Webmasters or respective owner

Related posts about php

Related posts about apache