Urgent Questions shoot here: khnaz35@gmail.com
Enjoy nature 
Have been using this for a few hours:
Code: Select all
RewriteCond %{REQUEST_METHOD} POST
RewriteCond %{QUERY_STRING} ^$
RewriteRule ^admin/?$ http://%{REMOTE_ADDR}/ [R=301,L]
It has already decreased the number of requests to our server from this attacker by 70 percent. IMHO this can be a better strategy then merely responding with 403-results. We'll see. The goal is to make him give up, realizing he's just wasting his bandwidth and compromised servers.
Will compare this with another strategy which returns standard 404 responses later on, to see which works better.
Override Engine * Integrated VQMod * Unused Images Manager * Instant Option Price Calculator * Number Option * Google Rich Snippets * Google Tag Manager * Export/Import Tool * SpamBot Buster * Survey Plus
Means no real person stands behind.
While the idea of sending back to the original address (which I am using since years with success) is smart, finally not many will notice that.
Maybe I am wrong .. ?
Full Stack Web Developer :: Dedicated OpenCart Development & Support DACH Region
Contact for Custom Work / Fast Support.
And noticed that user agent is always same with empty Post string
Code: Select all
Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0
Urgent Questions shoot here: khnaz35@gmail.com
Enjoy nature
Many thanks,
James
Bullet Polish Europe Ltd
Override Engine * Integrated VQMod * Unused Images Manager * Instant Option Price Calculator * Number Option * Google Rich Snippets * Google Tag Manager * Export/Import Tool * SpamBot Buster * Survey Plus
https://github.com/CIDRAM/CIDRAM
Opencart 1.5.6.5/OC Bootstrap Pro/VQMOD lover, user and geek.
Affordable Service £££ - Opencart Installs, Fixing, Development and Upgrades
Plus Ecommerce, Marketing, Mailing List Management and More
FREE Guidance and Advice at https://www.ecommerce-help.co.uk
Users browsing this forum: No registered users and 2 guests
