Thanks for the suggestions, here is what I ended up doing.
I created a BlacklistTracker service. If you do things I don't like you are
tracked. For example if you end up on my exception page I track you. Get too
many exceptions and you are blacklisted, too many failed login attempts
blacklisted etc.
To blacklist requests I created a BlacklistLinkTransformer which just does
this:
public PageRenderRequestParameters decodePageRenderRequest(Request
request)
{
if ( blacklistTracker.isBlacklist(request) ) {
return new PageRenderRequestParameters("BlackList",new
EmptyEventContext(),false);
}
return null;
}
This way I end up with a few exceptions in my logs then the IP is
blacklisted and I get an email about that also.
--
View this message in context:
http://tapestry.1045711.n5.nabble.com/Vulnerability-Scanners-tp5503278p5508501.html
Sent from the Tapestry - User mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org
For additional commands, e-mail: users-h...@tapestry.apache.org
