How ComboStrap protects from bad bot scanning


About

ComboStrap bans the well-known paths that bots use to scan your server.

We enforce a shadow ban by performing a transparent redirect to the website home page.

For example, clicking on the well-known WordPress link wp-admin will send you to the home page (if you are not logged in).

This has the following benefits:

  • it preserves the resources of your server;
  • it does not tell the attacker explicitly that they are banned;
  • it does not trigger web monitoring alerts caused by a too-high redirection rate.

Scanning Banned

WordPress

WordPress Scanning bans all paths that contain wp-.

Example:

wp-json:api:flutter_woo:config_file
wp-content:plugins:wpdiscuz:themes:default:style-rtl.css
wp-admin
2020:wp-includes:wlwmanifest.xml
wp-content:start
wp-admin:css:start

Git

Git Scanning bans all paths that start with “git”.

Example:

git:objects:
git:refs:heads:stable
git:logs:refs:heads:main
git:logs:refs:heads:stable
git:hooks:pre-push.sample
git:hooks:pre-receive.sample

SQL Injection

SQL Injection Scanning bans all paths that contain SQL statements.

Examples:

db:oracle:long_or_1_utl_inaddr.get_host_address_chr_33_chr_126_chr_33_chr_65_chr_66_chr_67_chr_49_chr_52_chr_53_chr_90_chr_81_chr_54_chr_50_chr_68_chr_87_chr_81_chr_65_chr_70_chr_80_chr_79_chr_73_chr_89_chr_67_chr_70_chr_68_chr_33_chr_126_chr_33
1114_or_9176_cast_chr_113_chr_98_chr_98_chr_113_chr_113_select_case_when_9176_9176_then_1_else_0_end\text_chr_113_chr_118_chr_106_chr_98_chr_113_as_numeric_--_kted
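The three rules above, sketched as a classifier over requested page ids. This is an added example, not ComboStrap's own code: the function names, the `start` home page id, the handling of logged-in users and the SQL token heuristic are assumptions, since the page does not give the exact patterns.

```python
import re

# Assumption: the page only says "contains SQL statements"; this token list
# and threshold are a constructed heuristic, not ComboStrap's actual pattern.
SQL_TOKENS = {"select", "union", "cast", "chr", "case", "when"}
SQL_THRESHOLD = 3


def classify(page_id):
    """Return the name of the scanning rule a page id matches, or None."""
    pid = page_id.lower()
    if "wp-" in pid:            # WordPress rule: id contains "wp-"
        return "wordpress"
    if pid.startswith("git"):   # Git rule, read literally: id starts with "git"
        return "git"
    # Scanner payloads arrive with punctuation flattened to ":" and "_",
    # so split on anything that is not a letter or digit and count keywords.
    tokens = re.split(r"[^a-z0-9]+", pid)
    if sum(t in SQL_TOKENS for t in tokens) >= SQL_THRESHOLD:
        return "sql_injection"
    return None


def route(page_id, logged_in=False, home="start"):
    """Shadow ban: a banned id is answered with the home page, with no
    error and no visible redirect. Returns (served_id, matched_rule)."""
    rule = classify(page_id)
    if rule and not logged_in:
        return (home, rule)
    # Assumption: logged-in users and unmatched ids get normal handling.
    return (page_id, None)


if __name__ == "__main__":
    # Constructed sample ids in the style of the examples on this page.
    samples = [
        "wp-content:start",
        "git:refs:heads:stable",
        "1114_or_9176_cast_chr_113_chr_98_select_case_when_9176",
        "docs:use_case",
    ]
    for sample in samples:
        print(sample, "->", route(sample))
```

Run over access-log paths, the same classifier gives a per-rule count of scanning attempts that the transparent redirect otherwise hides from status-code monitoring.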



