Skip to main content

Auto banning IPs snooping web root?

Comments

4 comments

  • cPRex Jurassic Moderator
    Hey there! /var/www/html is a standard directory, created by cPanel and Apache for use on the system. This directory does get used as the "default" directory for Apache, so you'll find the default error files, the default index page, and the .well-known directory used for hostname SSL verification. While the bots can be annoying, just checking for files doesn't harm anything, and there's really not a great way to block one-off checks. If you wanted to block repeated offenders, a tool like mod_evasive is the best way to go:
    0
  • quietFinn
    You might want to check setting LF_APACHE_404 in CSF.
    0
  • rolinger
    Thanks. I will look into both. These aren't just a few random checks, sometimes a single IP is looking for 40 or 50 URLs, that don't exist, in a span of about 30 seconds. Sometimes I will see the same IP hitting other folders doing the same thing.
    0
  • cPRex Jurassic Moderator
    That sounds like a good scenario for either of the mentioned tools then - I hope one of those works well for you!
    0

Please sign in to leave a comment.