mitchellkrogza / nginx-ultimate-bad-bot-blocker

Nginx Block Bad Bots, Spam Referrer Blocker, Vulnerability Scanners, User-Agents, Malware, Adware, Ransomware, Malicious Sites, with anti-DDOS, Wordpress Theme Detector Blocking and Fail2Ban Jail for Repeat Offenders

[INSTALLATION] How to block vulnerability scanners such as Acunetix, OWASP ZAP, etc.? #443

Open msalmanfarisi opened 2 years ago

msalmanfarisi commented 2 years ago

Hello,

How to block vulnerability scanners such as Acunetix, OWASP ZAP, nikto, wp-scan, Netsparker, etc.? They do user-agent manipulation, so it may need some tricks to keep them away. Please advise.

Thanks

itoffshore commented 2 years ago

To block port scanners, use something like psad (port scan attack detector).

I used to use psad but now run nftables, which makes it simple to limit connections. Use it with the fail2ban nftables configuration: block offenders for 1 day & enable bantime.increment = true
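
The fail2ban side of the setup described in the comment above, written out as an added example (it is not itoffshore's configuration and not a file from this project). It assumes fail2ban 0.11 or later, the stock `nginx-botsearch` and `nginx-limit-req` filters, and the stock log path variables; the thresholds are illustrative values. Because these jails match on request behaviour in the logs, they keep working when a scanner changes its User-Agent.

```ini
# /etc/fail2ban/jail.local  (added example; values are assumptions)

[DEFAULT]
# Never ban loopback; add your own monitoring and admin addresses here.
ignoreip = 127.0.0.1/8 ::1

# Insert bans into nftables instead of iptables.
banaction          = nftables-multiport
banaction_allports = nftables-allports

# First offence: banned for 1 day.
bantime  = 1d
findtime = 10m
maxretry = 5

# Repeat offenders: each new ban lasts longer than the previous one.
bantime.increment = true
# Multiplier applied to the growing ban time.
bantime.factor = 1
# Upper bound so that a ban never grows without limit.
bantime.maxtime = 5w
# Random extra seconds, so clients cannot time their return exactly.
bantime.rndtime = 10m
# false = previous bans are counted per jail, not across all jails.
bantime.overalljails = false

# Bans clients that probe for scripts and paths that do not exist,
# which is what a vulnerability scanner's crawl looks like in the logs.
[nginx-botsearch]
enabled  = true
port     = http,https
logpath  = %(nginx_error_log)s
           %(nginx_access_log)s
maxretry = 2

# Bans clients that keep hitting nginx's own request rate limit.
# Requires limit_req_zone / limit_req to be configured in nginx,
# otherwise nothing is ever written to the error log for this filter.
[nginx-limit-req]
enabled  = true
port     = http,https
logpath  = %(nginx_error_log)s
```

After reloading, `fail2ban-client status nginx-botsearch` lists the currently banned addresses, and `nft list ruleset` shows the sets fail2ban created.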