For the last months I seem to find more and more "Page not found" entries in my Drupal logfiles. When looking at these entries I figure that hackers are attempting to inject script into my system. So far they did not get anywhere.

Is there a module that will automatically block the host IP of these script kiddies for an hour if they produce more than three "404 errors" in my logs?

So far I habe been manually blocking these IPs in my access rules which seems like a pointless excercise since by the time I block the IP the attack is long over. And the IP is probably stolen anyway.

Thank you,
Paul

CommentFileSizeAuthor
404.jpg159.39 KBpaul_constantine

Comments

jemond’s picture

Status: Active » Needs review
paul_constantine’s picture

Thank you. I will look into this.

At present I installed "fail2ban" and added some 404 Filters that ban IP numbers that produce too many file not found entries.

Cheers,
Paul

mdupont’s picture

Status: Needs review » Fixed

Status: Fixed » Closed (fixed)

Automatically closed -- issue fixed for 2 weeks with no activity.