locked
Blocking Certain Page Requests e.g. www.domain.com/wp-login.php RRS feed

  • Question

  • User825643875 posted

    Hi,

    I don't know if this is a big deal or not but I get various semi-malicious page requests such as  www.domain.com/wp-login.php, etc

    Is there any way I can block them at the initial point they arrive without them being logged as an error.

    Thanks,

    Will

    Monday, December 4, 2017 8:37 AM

Answers

  • User-821857111 posted

    If you have a public-facing web site, then this comes with the territory. Public servers are constantly scanned for vulnerabilities. There is nothing you can do about that except to ensure that your application is hardened against any potential threat. You aren't going to block all forms of probing. You could try to block IP addresses using the server firewall, but that's like using a teacup to bail a canoe with a bucket sized hole. 

    You could change what you log or how it is reported. We would need to know how you are currently doing that in order to provide more specific help.

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Monday, December 4, 2017 3:54 PM

All replies

  • User-821857111 posted

    If you have a public-facing web site, then this comes with the territory. Public servers are constantly scanned for vulnerabilities. There is nothing you can do about that except to ensure that your application is hardened against any potential threat. You aren't going to block all forms of probing. You could try to block IP addresses using the server firewall, but that's like using a teacup to bail a canoe with a bucket sized hole. 

    You could change what you log or how it is reported. We would need to know how you are currently doing that in order to provide more specific help.

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Monday, December 4, 2017 3:54 PM
  • User825643875 posted

    Hi Mike,

    Thank you for taking the time to reply.

    Would creating a URL redirect using regex / wildcards that just sent them to a blank html page be a good idea / elegant solution?

    Will

    Monday, December 4, 2017 4:47 PM
  • User61956409 posted

    Hi Will,

    Is there any way I can block them at the initial point they arrive without them being logged as an error.

    You can check and trace the requests to find the IP addresses, as Mike said, you can prevent it by blocking the specific IP addresses in your server firewall.

    Besides, if you are hosting your website on IIS, you can also try to restrict access for specific IP(s) by defining a list of IP-based security restrictions via <ipSecurity> element, for detailed information, please check this article.

    Would creating a URL redirect using regex / wildcards that just sent them to a blank html page be a good idea / elegant solution?

    If using rewrite rule to redirect user to blank html do not cause other issues, which could be a walkaround. Additionally, as Mike mentioned, if your website logged it as error, and you don’t want that, you can change your logging strategy.

    With Regards,

    Fei Han

    <sub></sub><sup></sup>

    Tuesday, December 5, 2017 5:39 AM
  • User-821857111 posted

    will1968

    Would creating a URL redirect using regex / wildcards that just sent them to a blank html page be a good idea / elegant solution?

    Not really. Once you start down that route, it will be like herding cats, in my experience. Your server will receive no end of requests that result in 404s for all sorts of reasons. That's just the nature of the Internet.  As soon as you plug one hole, another will appear, and you still need to log 404s in some way because there will be some that you want to issue 301s for so that search engines refresh their index. 

    Tuesday, December 5, 2017 2:49 PM
  • User825643875 posted

    Thank you everyone.

    I will look at the IP address solution.

    Tuesday, December 5, 2017 3:39 PM