Come together with the global Drupal community in Rotterdam, 28 Sept – 1 Oct 2026. Sessions, contribution, connection, and Early Bird savings until 8 June.
By Lars Vandergraaf on
Hello,
I have noticed many IPs coming from China and Korea (the southern one),
In the log they show them trying to guess an open path e.g. phpmgr, webadmin, phpmanager , mysqladmin
Is there away to trigger an automated access denied rule based on some of these requests coming from anonymous users?
I have a list of IPs that I banned but I had to read the log and manually do the deny. My thought is: there is no way an anonymous user is trying to type in phpmanager without being up to no good. Ideally it would be nice to have a trapdoor or boobytrap that maybe sends some type of "special gift" back to the nogoodnick's machine.
