/ Register

Discover Centmin Mod today
Register Now

How do you deal with malicious IPs that scan for exploits?

Discussion in 'System Administration' started by Jon Snow, Dec 11, 2025.

Previous Thread Next Thread
Loading...
  1. Dec 11, 2025 #1
    Jon Snow

    Jon Snow Active Member

    917
    188
    43
    Jun 30, 2017
    Ratings:
    +293
    Local Time:
    8:22 PM
    Nginx 1.13.9
    MariaDB 10.1.31
    I usually ignore it because I always keep my web apps up to date.

    But I've been curious what you guys have in place to deal with them.

    One web host I've been with (managed hosting in the past) used to block IPs that flagged too many 404s but that wasn't the best route because it flagged a lot of false positives / legit users too.

    Manually checking your access log can get tiring too. The ones I do notice, I block the ASNs in Cloudflare.
     
  2. Dec 13, 2025 #2
    eva2000

    eva2000 Administrator Staff Member

    58,893
    12,490
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +19,122
    Local Time:
    9:22 AM
    Nginx 1.31.x
    MariaDB 10.x/11.4+/12.3+
    Paid Cloudflare Plans' WAF has managed rules that can take care of alot of them Managed Rules
    upload_2025-12-13_9-11-36.png

    example some Cloudflare Managed Ruleset WAF rules for Wordpress

    upload_2025-12-13_9-15-35.png
     
Previous Thread Next Thread
Loading...

.