IP Bans

Dec 09, 2024

Admittedly, of the nearly 500 unique visitors, most of these are crawlers from Google and Amazon from international services they host.

Every so often, however, a malicious actor will request access to my "owa" folder or the ".git" folder or even the "wp-login.php." I have none of these. I was tempted to add a redirect thanking the user for the flattery of assuming someone else set this up for me...except, these are crawler bots looking for cheap exploits and no human would see the humor.

So, I have taken a different approach. I am adding an "IsBanned" flag to the Visitors table and then responding with a 403.

I wish I could say I've solved the problem, but after publishing, the site would respond once correctly and then output nothing for all subsequent calls. Success, I have blocked the trolls by allowing them to easily kill the site...not good. :laugh

As you can imagine, when running this locally in debug mode, the method calls work as expected; but when I deployed, I was surprised this morning to see my server was serving nothing.

For the moment, the server still processes the call as though it were going to serve the page and then at the last moment clears its response and gives a 403 to the crawlers.

I am sure the solution will be very simple once I find it, but until then, I have added 16 crawlers to an IP ban. At least 6 of the ranges belong to a company that claims they only wanted to exploit weak sites to sell them a service.

...Thank you, no thank you.
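
An added example, not the site's own code: one way to apply the "IsBanned" flag described above so the ban is checked before any page work happens, instead of clearing the response at the last moment. The SQLite schema, the `Ip` column, and the `render_page` handler are assumptions made for illustration.

```python
import sqlite3

# Path segments named in the post that this site does not host.
PROBE_SEGMENTS = {"owa", ".git", "wp-login.php"}


def open_db():
    """In-memory stand-in for the Visitors table (schema is an assumption)."""
    db = sqlite3.connect(":memory:")
    db.execute(
        "CREATE TABLE Visitors ("
        "Ip TEXT PRIMARY KEY, IsBanned INTEGER NOT NULL DEFAULT 0)"
    )
    return db


def is_probe(path):
    """True when any segment of the path is one of the probed names."""
    clean = path.lower().split("?", 1)[0]
    return any(seg in PROBE_SEGMENTS for seg in clean.strip("/").split("/"))


def render_page(path):
    """Hypothetical page handler; counts calls to show when it runs."""
    render_page.calls += 1
    return f"<html>{path}</html>"


render_page.calls = 0


def handle_request(db, ip, path):
    """Return (status, body). The ban decision is made before rendering."""
    db.execute("INSERT OR IGNORE INTO Visitors (Ip) VALUES (?)", (ip,))
    if is_probe(path):
        # A request for a folder the site never had flags the visitor.
        db.execute("UPDATE Visitors SET IsBanned = 1 WHERE Ip = ?", (ip,))
    row = db.execute(
        "SELECT IsBanned FROM Visitors WHERE Ip = ?", (ip,)
    ).fetchone()
    db.commit()
    if row[0]:
        return 403, ""  # short-circuit: the page handler never runs
    return 200, render_page(path)
```

Because the lookup happens first, a banned address costs one indexed query and no rendering, and the flag persists across later requests from the same address.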