What's the best way to detect web applications attacks ?
- by paulgreg
What is the best way to survey and detect bad users behavior or attacks like deny of services or exploits on my web app ?
I know server's statistics (like Awstats) are very useful for that kind of purpose, specially to see 3XX, 4XX and 5XX errors (here's an Awstats example page) which are often bots or bad intentioned users that try well-known bad or malformed URLs.
Is there others (and betters) ways to analyze and detect that kind of attack tentative ?
Note : I'm speaking about URL based attacks, not attacks on server's component (like database or TCP/IP).