Welcome Guest, Not a member yet? Register   Sign In
Security - is my website under attack?

A few days ago, I enabled error logging in CodeIgniter. It generates a log file per day. Analysis shows that there are a lot of page requests to non-existing pages on my domain, on and on. Sometimes just a few seconds after one another.
Is there a reason to be worried?
How can I detect from which IP-address these requests are done? I would like to ban that IP-address in .htaccess (deny).

Good luck. You will be doing that every day for the rest of your life. It is extremely COMMON to get requests for non-existant URLs. Some are innocent, like someone manually typed the url in and misspelled something. Some might be an error in your code, like a link to a non-existing page. Others are scripted bots roaming the internet looking for vulnerabilities in your application. You will never be able to stop that. Never. And it's a complete waste of time. There are millions out there and if your site is "on the web", then it will get crawled by malicious bots. The best thing to do is write your app very securely using industry best-practices, from the get-go. It's the most important part of your app and most people seem to treat it as an afterthought.

The only way you can really determine whether a 404 request was malicious is if they were requesting a page that is used for a known attack. For example, I get a lot of requests for wp_admin pages, which are most likely scans for vulnerable WordPress sites. However, it's unlikely that the IP address is permanently assigned to the attacker, or that the person using that computer is even aware that their computer is scanning the internet for vulnerable servers. It's also pretty unlikely that anyone is specifically targeting my server when I receive these requests.

If you really want to look up the IP address, you should be able to match up your CodeIgniter logs with your web server's logs, which usually include the client's IP address.

Thanks @CroNiX en @mwhitney! Don't worry, I will not spend the rest of my life checking these log files.

Each malicious attack on your website has its specifics, and with a range of different types of attacks going around, it might seem impossible to defend yourself against all of them. Still, you can do a lot to secure your website against these attacks and mitigate the risk that malicious hackers target your website.

Theme © iAndrew 2016 - Forum software by © MyBB