---json
{
    "description": "This article describes when and how ComboStrap bans bad requests performed by bots",
    "name": "Bad Bot Ban",
    "page_id": "cq900uui79ur2pr72a6za",
    "title": "How ComboStrap protects from bad bot scanning"
}
---

====== ComboStrap - Ban (Scanning Protection) ======


===== About =====
''combostrap'' will ban well-known [[docs:page:system:path|path]] that bots are using to scan your server.

We enforce a [[wp>Shadow_banning|shadow ban]] by performing a [[docs:router:transparent|transparent redirect]] to the website home page.

For example, clicking on this well-known wordpress link [[this>wp-admin]] will send you to the home page (if you are not logged in).

It has the benefits:
  * to preserve the resources of your server.
  * to not telling explicitly to the attacker that they are banned.
  * to not trigger any web monitoring alert because of a too high redirection rate.



===== Scanning Banned =====

==== Wordpress ====

Wordpress Scanning bans all path that contains ''wp-''.


Example:
<code>
wp-json:api:flutter_woo:config_file
wp-content:plugins:wpdiscuz:themes:default:style-rtl.css
wp-admin
2020:wp-includes:wlwmanifest.xml
wp-content:start
wp-admin:css:start
</code>



==== Git ====


Git Scanning bans all path that starts with "git"

Example:
<code>
git:objects:
git:refs:heads:stable
git:logs:refs:heads:main
git:logs:refs:heads:stable
git:hooks:pre-push.sample
git:hooks:pre-receive.sample
</code>

==== SQL Injection====

SQL Injection Scanning bans all path that contains `sql statements`

Examples:
<code>
db:oracle:long_or_1_utl_inaddr.get_host_address_chr_33_chr_126_chr_33_chr_65_chr_66_chr_67_chr_49_chr_52_chr_53_chr_90_chr_81_chr_54_chr_50_chr_68_chr_87_chr_81_chr_65_chr_70_chr_80_chr_79_chr_73_chr_89_chr_67_chr_70_chr_68_chr_33_chr_126_chr_33
1114_or_9176_cast_chr_113_chr_98_chr_98_chr_113_chr_113_select_case_when_9176_9176_then_1_else_0_end\text_chr_113_chr_118_chr_106_chr_98_chr_113_as_numeric_--_kted
</code>