Re: new, not nice web bots disposal

On 2/26/20, Gene Heskett <gheskett@shentel.net> wrote:
> Over the last 90 days or so, we seem to have been plagued with a new
> breed of bots scanning our web pages, and they are not just indexing our
> web pages; I don't mind that, but they are ignoring our robots.txt and
> are mirroring anything apache2 can reach, including stuff that's there
> but not reachable by a normal browser just looking around and clicking
> on links.
  <.. snip ..>
> To add a new rule, covering that whole 256 address block because they
> seem to have a random address, changed about weekly, in that block:
> root@coyote:iptables$ cat iptables-add
> #!/bin/bash
> iptables -I INPUT -s add.ress.to.block/24 -j DROP

Have you considered REJECT instead of DROP?

REJECT should send a RST telling the other side to give up now.
DROP just drops the packet leaving the other side to retry until the
retry limit is hit.
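
The quoted block rule written with REJECT, as an added example that is not part of either poster's message: in iptables, REJECT answers with a TCP RST only when the rule carries `-p tcp --reject-with tcp-reset`, and otherwise replies with an ICMP port-unreachable. The function names, the `APPLY` switch and the sample address 192.0.2.77 (documentation range) are assumptions made for illustration.

```sh
#!/bin/sh
# Added example, not from the thread. Function names, the APPLY switch and the
# sample address 192.0.2.77 (RFC 5737 documentation range) are assumptions.

# Print the /24 containing a dotted-quad IPv4 address; return 1 if malformed.
net24() {
    case $1 in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;   # only digits and single dots
    esac
    old_ifs=$IFS; IFS=.
    set -- $1                                   # split into octets
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for o in "$@"; do
        case $o in
            0) ;;                               # plain zero is fine
            0*|????*) return 1 ;;               # leading zero or >3 digits
        esac
        [ "$o" -le 255 ] || return 1
    done
    echo "$1.$2.$3.0/24"
}

# Emit one rule per protocol class: RST for TCP, ICMP unreachable for the rest.
reject_rules() {
    net=$(net24 "$1") || { echo "bad address: $1" >&2; return 1; }
    echo "iptables -I INPUT -s $net -p tcp -j REJECT --reject-with tcp-reset"
    echo "iptables -I INPUT -s $net ! -p tcp -j REJECT --reject-with icmp-port-unreachable"
}

# Dry run by default (prints the rules); APPLY=1, as root, installs them.
block24() {
    rules=$(reject_rules "$1") || return 1
    echo "$rules" | while read -r rule; do
        if [ "${APPLY:-0}" = 1 ]; then $rule; else echo "$rule"; fi
    done
}

# Run only when an address is given on the command line.
[ $# -eq 0 ] || block24 "$1"
```

Run as `sh script 192.0.2.77` to print the two rules for review before installing them with `APPLY=1`.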


