ZNielsen / PodRacer

A podcast catch-up service
Apache License 2.0

Ban IPs that request sus resources #25

Open ZNielsen opened 3 years ago

ZNielsen commented 3 years ago

I'm seeing IPs request things like /.ftpconfig and /.vscode/sftp.json. Look into banning IPs after an obviously malicious request.

Hook into crowdsec or similar?

ZNielsen commented 3 years ago

List:

/.vscode/sftp.json
/ftpsync.settings
/.ftpconfig
/.remote-sync.json
/sftp-config.json
/.git/config
/.env
/.vscode/ftp-sync.json
/deployment-config.json

ZNielsen commented 3 years ago

Rocket serves a 404 for these files, but it would be nice to just block these guys so they don't have the chance to find something.
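
Added example, not part of the issue thread or of PodRacer's code: one way to turn the probe list above into a set of IPs to ban by scanning access-log lines. The log format (`<ip> <method> <target> <status>`), the function names, and the sample log are assumptions constructed for illustration.

```rust
use std::collections::BTreeSet;
use std::net::IpAddr;

// Probe paths copied from the list in this issue.
const PROBE_PATHS: [&str; 9] = [
    "/.vscode/sftp.json", "/ftpsync.settings", "/.ftpconfig",
    "/.remote-sync.json", "/sftp-config.json", "/.git/config",
    "/.env", "/.vscode/ftp-sync.json", "/deployment-config.json",
];

/// True if the request target (path plus optional query) hits a probe path.
fn is_probe(target: &str) -> bool {
    // Drop the query string or fragment, then collapse repeated slashes so
    // "//.env?x=1" is treated the same as "/.env".
    let path = target.split(|c| c == '?' || c == '#').next().unwrap_or("");
    let mut norm = String::new();
    for seg in path.split('/').filter(|s| !s.is_empty()) {
        norm.push('/');
        norm.push_str(seg);
    }
    // Exact match on the whole path, ignoring ASCII case (a choice made here).
    PROBE_PATHS.iter().any(|p| p.eq_ignore_ascii_case(&norm))
}

/// Assumed log format (constructed): "<ip> <method> <target> <status>".
/// Returns the client IPs that requested at least one probe path.
fn ips_to_ban(log: &str) -> BTreeSet<IpAddr> {
    log.lines()
        .filter_map(|line| {
            let mut fields = line.split_whitespace();
            let ip: IpAddr = fields.next()?.parse().ok()?; // skip malformed lines
            let target = fields.nth(1)?; // skips the method field
            is_probe(target).then_some(ip)
        })
        .collect()
}

// Constructed sample log; addresses come from documentation ranges.
const SAMPLE_LOG: &str = "\
203.0.113.7 GET /.vscode/sftp.json 404
198.51.100.4 GET /feed.xml 200
203.0.113.7 GET /.env 404
192.0.2.55 GET //.git/config?x=1 404
198.51.100.4 GET /environment 404
garbage line
";

fn main() {
    for ip in ips_to_ban(SAMPLE_LOG) { println!("ban {ip}"); }
}
```

The returned set is what would be handed to whichever ban mechanism is chosen. Matching is on the whole normalized path, so an ordinary 404 such as `/environment` does not trigger a ban.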