| Author |
Message |
Jenses
New Member
Joined: Feb 15, 2006
Posts: 6
|
 Posted:
Sat Oct 21, 2006 2:33 pm |
|
I once saw a solution using .htaccess to redirect to abuse.html - but first of all this do not ban the Ip nor can I remember how it was done (something with rewrite I guess)
Is there a way to catch and ban hackers that tries to access files they are not supposed to, such as admin.php (of coures mine is renamed), login.php (doesnt exist, but in my logs I can see the hackers attempt accessing it)
Yes I use Sentinel newest version, but can not figure out which call to make to get an IP banned |
| |
|
|
|
Raven
Site Admin/Owner
Joined: Aug 27, 2002
Posts: 17088
|
| Posted:
Sat Oct 21, 2006 3:40 pm |
|
NukeSentinel(tm) is not designed to [directly] handle that kind of a situation. You could, however, add the filename into the String blocker area and have String blocking set to ban the IP. |
| |
|
|
|
|
evaders99
Former Moderator in Good Standing
Joined: Apr 30, 2004
Posts: 3221
|
| Posted:
Sun Oct 22, 2006 5:09 pm |
|
Yea lots of robots are trying to find vulnerabilities, even if they don't exist on the server.
You can use mod_rewrite to do the redirect
Code:
RewriteRule ^login.php badbot.php
|
And then you need your PHP script to write an DENY line back into .htacesss
It is possible you may ban yourself if you're not careful. |
_________________
- Only registered users can see links on this board! Get registered or login! -
Need help? Only registered users can see links on this board! Get registered or login! |
|
|
|
Jenses
|
| Posted:
Mon Oct 23, 2006 12:00 am |
|
Would be nice if NukeSentinel could handle this directly - new ban section for files not to be accessed then all of the users can catch the script-ciddies before they even know what kind of site they tried to access.
Anyway, I can live with evaders99 rewriterule - its quite easy to implement
--- Thanks evaders, and dont worry, I have tried to ban myself before  |
| |
|
|
|
|
Raven
|
| Posted:
Mon Oct 23, 2006 12:06 am |
|
| Jenses wrote: | Would be nice if NukeSentinel could handle this directly - new ban section for files not to be accessed then all of the users can catch the script-ciddies before they even know what kind of site they tried to access.
Anyway, I can live with evaders99 rewriterule - its quite easy to implement
--- Thanks evaders, and dont worry, I have tried to ban myself before |
We will look into adding this. Thanks for the suggestion! |
| |
|
|
|
|
evaders99
|
| Posted:
Mon Oct 23, 2006 11:55 am |
|
I have a whole list of them.
But it is a matter for the webmaster, they actually may be using scripts such as phpBB, Mambo, etc. Currently I use DisError to track all the 404 messages and capture such things. |
| |
|
|
|
|
BobMarion
Former Admin in Good Standing
Joined: Oct 30, 2002
Posts: 1037
Location: RedNeck Land (known as Kentucky)
|
| Posted:
Tue Oct 24, 2006 8:58 pm |
|
I don't think it would be to hard to add this, if not 2.5.03 then 2.5.04 . I did a bad thing to my local while working on 2.5.03 so I had to reformat it's drive and reinstall the server software package  Plus I've been away for a couple of days soooooooooo back to work |
_________________
Bob Marion
Codito Ergo Sum
Only registered users can see links on this board! Get registered or login! |
|
|
|
|
|
![[Valid RSS]](https://www.ravenphpscripts.com/images/valid-rss.png "Validate my RSS feed"){kind=small}
