404 and banned?

Joshua Marsh joshua at themarshians.com
Fri Mar 21 12:55:46 MDT 2014


I've used fail2ban before, but it's been a few years. It looks like people
have used it though for what you are wanting:

http://xplus3.net/2013/05/09/securing-xmlrpc-wordpress/


On Fri, Mar 21, 2014 at 12:49 PM, S. Dale Morrey <sdalemorrey at gmail.com>wrote:

> What would you guys recommend here?
> I have a box running nginx and nodejs powering a financial website that
> completely custom code and meant to be highly secure.
>
> Nevertheless I am constantly seeing floods for xmlrpc.php and the like.
> I'd like to just instantly put any computer that tries for these exploit
> vectors on a black list for 48 hours and basically ignore any incoming
> connections from them during that timeframe.
>
> Wondering what tech is out there nowdays to automate this, especially
> something that doesn't break in nginx and node?
>
> Thanks guys!
>
> /*
> PLUG: http://plug.org, #utah on irc.freenode.net
> Unsubscribe: http://plug.org/mailman/options/plug
> Don't fear the penguin.
> */
>


More information about the PLUG mailing list