GoFuckYourself.com - Adult Webmaster Forum - View Single Post

rowan · 06-05-2018, 10:55 PM

I'd like to help, but it's pretty tightly integrated into my website... it would need work even to use on another of mine, let alone a totally separate setup. It also relies on the OS being FreeBSD to firewall really obnoxious IPs.

Basically I have a PHP script handle 404s. If it's a permitted 404 (eg a browser fetching favicon.ico) then it's ignored and returns a standard Apache 404 response, exactly like the server normally would. Otherwise, the count of 404s that IP has incurred is incremented. If that count goes too high, a ban for that IP is triggered.

The actual implementation is a bit more complicated because it includes logging, DNS resolution, and drop firewalling, but that's generally how it works.

06-05-2018, 10:55 PM
rowan Too lazy to set a custom title Join Date: Mar 2002 Location: Australia Posts: 17,393	I'd like to help, but it's pretty tightly integrated into my website... it would need work even to use on another of mine, let alone a totally separate setup. It also relies on the OS being FreeBSD to firewall really obnoxious IPs. Basically I have a PHP script handle 404s. If it's a permitted 404 (eg a browser fetching favicon.ico) then it's ignored and returns a standard Apache 404 response, exactly like the server normally would. Otherwise, the count of 404s that IP has incurred is incremented. If that count goes too high, a ban for that IP is triggered. The actual implementation is a bit more complicated because it includes logging, DNS resolution, and drop firewalling, but that's generally how it works.