Welcome Guest, Not a member yet? Register   Sign In
CodeIgniter Forums Using CodeIgniter General Help Security - is my website under attack?
Security - is my website under attack?
  • Offline Wouter60
    Posting Freak
  • *****
  • Posts: 851
    Threads: 38
    Joined: Feb 2015
    Reputation: 77
#1
08-05-2015, 01:07 AM

A few days ago, I enabled error logging in CodeIgniter. It generates a log file per day. Analysis shows that there are a lot of page requests to non-existing pages on my domain, on and on. Sometimes just a few seconds after one another.
Is there a reason to be worried?
How can I detect from which IP-address these requests are done? I would like to ban that IP-address in .htaccess (deny).
Reply
  • Offline CroNiX
    Senior Member
  • ****
  • Posts: 428
    Threads: 0
    Joined: Jan 2015
    Reputation: 25
#2
08-05-2015, 07:27 AM

Good luck. You will be doing that every day for the rest of your life. It is extremely COMMON to get requests for non-existant URLs. Some are innocent, like someone manually typed the url in and misspelled something. Some might be an error in your code, like a link to a non-existing page. Others are scripted bots roaming the internet looking for vulnerabilities in your application. You will never be able to stop that. Never. And it's a complete waste of time. There are millions out there and if your site is "on the web", then it will get crawled by malicious bots. The best thing to do is write your app very securely using industry best-practices, from the get-go. It's the most important part of your app and most people seem to treat it as an afterthought.
Reply
  • Offline mwhitney
    Posting Freak
  • *****
  • Posts: 1,101
    Threads: 4
    Joined: Nov 2014
    Reputation: 95
#3
08-05-2015, 07:36 AM

The only way you can really determine whether a 404 request was malicious is if they were requesting a page that is used for a known attack. For example, I get a lot of requests for wp_admin pages, which are most likely scans for vulnerable WordPress sites. However, it's unlikely that the IP address is permanently assigned to the attacker, or that the person using that computer is even aware that their computer is scanning the internet for vulnerable servers. It's also pretty unlikely that anyone is specifically targeting my server when I receive these requests.

If you really want to look up the IP address, you should be able to match up your CodeIgniter logs with your web server's logs, which usually include the client's IP address.
Bonfire
Practical CodeIgniter 3
CodeIgniter Testing Guide
Reply
  • Offline Wouter60
    Posting Freak
  • *****
  • Posts: 851
    Threads: 38
    Joined: Feb 2015
    Reputation: 77
#4
08-05-2015, 07:58 AM

Thanks @CroNiX en @mwhitney! Don't worry, I will not spend the rest of my life checking these log files.
Reply
  • Offline chaintartary
    Newbie
  • *
  • Posts: 1
    Threads: 0
    Joined: Dec 2022
    Reputation: 0
#5
12-28-2022, 02:49 AM

Each malicious attack on your website has its specifics, and with a range of different types of attacks going around, it might seem impossible to defend yourself against all of them. Still, you can do a lot to secure your website against these attacks and mitigate the risk that malicious hackers target your website.
slope unblocked
Reply




Theme © iAndrew 2016 - Forum software by © MyBB