How do I get people to GTFO out of /sql, /phpmyadmin, /db etc?
That is the big takeaway.
4/3 06:28:33p 1996 Request: GET /sql/myadmin/index.php?lang=en HTTP/1.1
How do I get people to GTFO out of /sql, /phpmyadmin, /db etc?
That is the big takeaway.
How do I get people to GTFO out of /sql, /phpmyadmin, /db etc?
That is the big takeaway.
4/3 06:28:31p 1996 Request: GET /sql/phpmyadmin4/index.php?lang=en HTTP/1.1
4/3 06:28:31p 1996 !ERROR: 404 Not Found (line 3721)
4/3 06:28:31p 1996 Session thread terminated (2 clients, 6 threads remain,
511 served)
4/3 06:28:31p 1996 HTTP connection accepted from: 188.166.240.83 port 49102
4/3 06:28:31p 1996 Request: GET /db/phpMyAdmin-5/index.php?lang=en HTTP/1.1
4/3 06:28:32p 1996 !ERROR: 404 Not Found (line 3721)
4/3 06:28:32p 1996 Session thread terminated (2 clients, 6 threads remain,
512 served)
4/3 06:28:32p 1996 HTTP connection accepted from: 188.166.240.83 port 49260
4/3 06:28:32p 1996 Request: GET /dbadmin/index.php?lang=en HTTP/1.1
4/3 06:28:32p 1996 !ERROR: 404 Not Found (line 3721)
4/3 06:28:32p 1996 Session thread terminated (2 clients, 6 threads remain,
513 served)
4/3 06:28:32p 1996 HTTP connection accepted from: 188.166.240.83 port 49424
4/3 06:28:32p 1996 Request: GET /phpmyadmin2015/index.php?lang=en HTTP/1.1
4/3 06:28:32p 1996 !ERROR: 404 Not Found (line 3721)
4/3 06:28:33p 1996 Session thread terminated (2 clients, 6 threads remain,
514 served)
4/3 06:28:33p 1996 HTTP connection accepted from: 188.166.240.83 port 49542
4/3 06:28:33p 1996 Request: GET /sql/myadmin/index.php?lang=en HTTP/1.1
How do I get people to GTFO out of /sql, /phpmyadmin, /db etc?
That is the big takeaway.
---
þ Synchronet þ Inland Utopia - iutopia.duckdns.org:2023
Re: web server
By: Utopian Galt to All on Sun Apr 03 2022 06:31 pm
> 4/3 06:28:33p 1996 Request: GET /sql/myadmin/index.php?lang=en HTTP/1.1
>
> How do I get people to GTFO out of /sql, /phpmyadmin, /db etc?
>
> That is the big takeaway.
Just ignore them. <shrug>
... Request: GET /sql/phpmyadmin4/index.php?lang=en HTTP/1.1
... !ERROR: 404 Not Found (line 3721)
...
How do I get people to GTFO out of /sql, /phpmyadmin, /db etc?
That is the big takeaway.
El 4/4/22 a las 02:17, Digital Man escribió:
Re: web server
By: Utopian Galt to All on Sun Apr 03 2022 06:31 pm
> 4/3 06:28:33p 1996 Request: GET /sql/myadmin/index.php?lang=en HTTP/1.1
>
> How do I get people to GTFO out of /sql, /phpmyadmin, /db etc?
>
> That is the big takeaway.
Just ignore them. <shrug>
can you add the client ip to the 404 error log? it will make easy to
made a fail2ban filter
Okay, I just added that. But I wouldn't recommend blocking any/ever client that makes a bad HTTP request. You could have a bad link on your own web pages and be blocking a lot of honest to goodness users.
Re: web server
By: Utopian Galt to All on Sun Apr 03 2022 18:31:39
UG> How do I get people to GTFO out of /sql, /phpmyadmin, /db etc?
UG> That is the big takeaway.
The more important question is whether these requests are causing a real, measurable problem for you.
This sort of traffic comes in waves. You'll see huge surges that last for a matter of hours and then die off for weeks or months. Your logs show your web server isn't exactly being taxed; it's handling a couple of requests per second and responding with 404. No big deal.
You can play whack-a-mole with these bots and add complexity to your setup if you really want to, but you can also just do nothing and it'll be fine.
El 4/4/22 a las 23:55, Digital Man escribió:
Okay, I just added that. But I wouldn't recommend blocking any/ever client that makes a bad HTTP request. You could have a bad link on your own web pages and be blocking a lot of honest to goodness users.
I agree, I would only block if the same error occurs many times from the same host
An idea would be to be able to add aliases with return code
example:
[ctrl/web_alias.ini]
/phpmyadmin* = return 403
/wp-admin* = return 403
Sysop: | Xerxes |
---|---|
Location: | Azle, Texas |
Users: | 131 |
Nodes: | 10 (0 / 10) |
Uptime: | 86:00:57 |
Calls: | 3,190 |
Calls today: | 1 |
Files: | 195 |
U/L today: |
0 files (0K bytes) |
D/L today: |
0 files (0K bytes) |
Messages: | 366,067 |
Posted today: | 0 |