Menu
▾
▴
Re: [Fail2ban-users] stop wp-login.php hits
|
From: <al...@ma...> - 2012-09-20 18:23:00
|
Hi Yaroslav, > or in other words -- you are advising not to parse non-customizable ErrorLog from apache but rely on a "combined" log + filtering for 404 lines? My advice is NOT to rely on data that can easily lead to false positives - 404 errors are entirely normal and when log does not contain essential information necessary for human review to determine if it's false positive or not then such data should be used with great care or not used at all. > if I am sure that all paths on my website are 'finalized', Anybody can link to your site with URLs that don't exist - web crawlers can't possibly know in advance if the URLs they found exist or not, that's just not possible. In addition to this web sites change designs, get forums installed and removed etc. > I have mentioned, AGENT string would be of limited additional information besides that they still want to ban that IP from accessing their website. It would be of great use to those who have to deal with the fallout resulting from false positives. Alex |