Closed (fixed)
Project:
Drupal core
Version:
6.9
Component:
other
Priority:
Normal
Category:
Support request
Assigned:
Unassigned
Reporter:
Created:
24 May 2011 at 08:15 UTC
Updated:
17 Aug 2011 at 11:31 UTC
For the last months I seem to find more and more "Page not found" entries in my Drupal logfiles. When looking at these entries I figure that hackers are attempting to inject script into my system. So far they did not get anywhere.
Is there a module that will automatically block the host IP of these script kiddies for an hour if they produce more than three "404 errors" in my logs?
So far I habe been manually blocking these IPs in my access rules which seems like a pointless excercise since by the time I block the IP the attack is long over. And the IP is probably stolen anyway.
Thank you,
Paul
| Comment | File | Size | Author |
|---|---|---|---|
| 404.jpg | 159.39 KB | paul_constantine |
Comments
Comment #1
jemond commentedThis might work:
http://drupal.org/project/badbehavior
Also check out this script:
http://drupal.org/node/374686#comment-1306942
Comment #2
paul_constantine commentedThank you. I will look into this.
At present I installed "fail2ban" and added some 404 Filters that ban IP numbers that produce too many file not found entries.
Cheers,
Paul
Comment #3
mdupont