13 Apr
2019
13 Apr
'19
11:13 p.m.
Thanks Sindre
On Wed, 10 Apr 2019 at 20:39, Sindre Smistad <sindre(a)downgoat.net> wrote:
Are they just hitting the same URL over and over
again, or are they
actively crawling your pages and trying different things in URL parameters
and forms?
You could temporarily setup Cloudflare for your websites on the server. If
you just want it to filter out the unwanted traffic the free tier is
probably enough, but if you think your server is actually under attack I'd
recommend the pro trier. After setup you can toggle that you are under
attack, and filtering will be more aggressive.
https://www.cloudflare.com/plans/
On Tue, Apr 9, 2019 at 3:45 PM Keith <keith(a)keiths-place.co.uk> wrote:
Your theory about it just being a try out
practice run sort of thing
does, unfortunately, sound feasible. The hit rate is not large enough on
its own to be dangerous - 6 a second - but it has gone on for so long
with no success at all on their part. hey throw in the odd ping every
now and then as well.
Still awaiting a response from their abuse address
Keith
On 2019-04-09 17:18, Max B via users wrote:
--
My PGP is available at: http://downgoat.net/pages/contact.html
<http://downgoat.net/contact/>
_______________________________________________
users mailing list
users(a)lists.bitfolk.com
https://lists.bitfolk.com/mailman/listinfo/users
Probably a compromised Stanford system, that
makes one suspect those
coltish "Stanford students" instead of the real culprit who is more
likely either A/ to frustrate your service, such as tor or wikileaks
etc, B/ to be a script kiddie, C/ to be an APT.
_______________________________________________
users mailing list
users(a)lists.bitfolk.com
https://lists.bitfolk.com/mailman/listinfo/users