Hi Barry,

I had the same issue a few months ago with various apps (Tapestry and non-Tapestry ones). If you've got an Apache front-end, have a look at fail2ban (http://www.fail2ban.org). It basically scans your error_log and, based on typical attacks, forbids the attacker IP to request your apps, by altering the firewall configuration.

IHTH,
Jérôme.

On Tue, Feb 21, 2012 at 21:26, trsvax <trs...@gmail.com> wrote:

> I've got people running vulnerability scanners against a production site.
> I've also got log4j configured to send email exceptions to me and
> unfortunately this means I get a lot of email. For example the scanner
> requests /index.php~
>
> which results in the following log:
>
> 2012-02-21 14:17:37,324 [ajp-bio-8009-exec-48] [ERROR]
> TapestryModule.RequestExceptionHandler Processing of request failed with
> uncaught exception: Input string 'index.php~' is not valid; the character
> '~' at position 10 is not valid.
>
> Which results in an email to me.
>
> I realize I could stop this with some log4j config but what I'd rather do is
> just stop all this traffic before it even gets that far. Perhaps if you get
> more than 10 exceptions in a minute blacklist your IP. Has anyone done
> anything like that or have other suggestions?
>
> Thanks
> Barry

--
Jerome Bernard,
Blog: http://jerome-bernard.com
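
The "more than 10 errors in a minute" rule discussed in this thread, as an added example that is not part of the original messages and is not fail2ban's own code. It assumes an Apache access log in common/combined format and counts 4xx/5xx responses per client, because the Tapestry log line quoted above carries no client IP; all log lines and addresses are constructed.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Apache common/combined log prefix: host ident user [time] "request" status
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "[^"]*" (?P<status>\d{3}) ')
TS_FORMAT = "%d/%b/%Y:%H:%M:%S %z"


def find_offenders(lines, max_errors=10, window=timedelta(minutes=1)):
    """Map each IP that produced more than max_errors 4xx/5xx responses
    inside one sliding window to the time it crossed the threshold."""
    recent = defaultdict(deque)  # ip -> timestamps of its recent errors
    offenders = {}
    for line in lines:
        m = LINE_RE.match(line)
        if not m or int(m["status"]) < 400:
            continue  # unparsable line or non-error response
        ip, ts = m["ip"], datetime.strptime(m["ts"], TS_FORMAT)
        q = recent[ip]
        q.append(ts)
        while ts - q[0] >= window:  # expire errors older than the window
            q.popleft()
        if len(q) > max_errors:
            offenders.setdefault(ip, ts)
    return offenders


def sample_log():
    """Constructed sample data (documentation IP ranges), not real traffic."""
    def entry(ip, minute, second, path, status):
        return (f'{ip} - - [21/Feb/2012:14:{minute:02d}:{second:02d} -0500] '
                f'"GET {path} HTTP/1.1" {status} 512')
    lines = [entry("198.51.100.20", 16, 58, "/index", 200)]
    # Scanner: 12 failing requests, 3 seconds apart
    lines += [entry("203.0.113.7", 17, s, "/index.php~", 404)
              for s in range(0, 36, 3)]
    # Slow client: 12 failing requests, 10 seconds apart (never > 10 per minute)
    lines += [entry("192.0.2.9", 20 + t // 60, t % 60, "/missing", 404)
              for t in range(0, 120, 10)]
    lines.append("garbage line that does not parse")
    return lines


if __name__ == "__main__":
    for ip, when in find_offenders(sample_log()).items():
        print(f"ban {ip}: threshold crossed at {when.isoformat()}")
```

The slow client shows why the window has to slide: it makes as many failing requests as the scanner but never more than six in any 60 seconds, so it stays under the threshold.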