Someone keeps trying to break into my blog (brute forcing the password). I get emailed their IP address every time they get locked out and there have been multiple IPs, sometimes related (x.x.x.81, x.x.x.82, x.x.x.83...), sometimes not. Any suggestions on something "fun" I can do with them? I guess it's probably a bot, but just in case...
one plus one
Shared publicly•View activity
- Few things to try: see if the bot processes HTTP redirects and/or has a connection timeout. Redirecting to an infinite redirect or intentionally holding the connection open for an extended period of time are two ideas that come to mind.Feb 19, 2012
- This is a DOS attach to overwhelm your e-mail system :)Feb 19, 2012
- The nicest thing you can do is make your system put those IP addresses into a tarpit. This will drastically slow down the rate at which they can do anything, and while they are attacking your system they won't be attacking other people.Feb 19, 2012
- Boring option: find out who their provider is, and report them.Feb 19, 2012
- Not necessarily fun, but an htaccess file with an obnoxiously long password will keep requests from ever getting to the app, preventing all those emails and associated CPU burnFeb 19, 2012