By Matt G on
My site has been live for about a month. I've submitted some pages to Digg and other social media sites.
So every now and then I get a clearly malicious user trying to access pages.
For example, the "Recent Hits" log will say:
/PhpMyAdmin
/settings.php
or other pages that if granted access, could seriously mess up my site.
Fortunately Drupal protects against this sort of thing. (I am safe, right?)
After I see such an attempt I block the IP address that made the request using .htaccess:
order allow,deny
deny from [malicious IP 1]
deny from [malicious IP 2]
deny from [malicious IP 3]
allow from all
I wonder, if there any way to automate this process?'
It would be great if there were a module (or other solution) that automatically blocked IP address that pointed their browsers to PHP administration addresses.
Comments
I use BadBehavior on my
I use BadBehavior on my Drupal sites, blocks LOADS of malicious bots.
Pobster