Jump to content
Sign in to follow this  
Rosanne

Block Vulnerability Scans - Iptables Equivalent?

Recommended Posts

We're getting a number of vulnerability scans against our site. Blocking individual IPs isn't a solution - too many of them. One pretty solution I saw used iptables. Now, I know just enough Linux and network configuration to be dangerous, but I suspect that iptables would only be an option on dedicated servers. Is there a way for virtual servers to drop the connection based on a string, rather than an IP?

 

It's not a huge deal - since we don't run PHP those scans are all logging 404s, but seeing them in our logs offends me - sort of an OCD thing. :-)

 

~ Rosanne

Share this post


Link to post
Share on other sites

Hosting the account on a shared server, there are limits on what you can achieve simply because you will need higher level access. There are thousands of scripts running in the internet scanning for outdated and insecure scripts, but they just move on once they find there is nothing to break in. All that is required from you is to make sure that you are running the latest stable version of any script that you install, keep updating it as and when there is a new release and rotate your password to a very strong string at regular intervals, atleast once a month.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Sign in to follow this  

×
×
  • Create New...