Replies: 1 comment 1 reply
-
|
it is an attack but for another software, and therefore it is ineffective and harmless. there's no plugin that i know to block after a number of 404 errors, but you can program the code yourself and make it run inside Admin-panel > Options > Server code. Yours should be something like this, but you may need to make changes as i didn't even test it, so maybe there's some error exports.init = api => {
const counters = {}
return {
middleware: ctx => () => { // wait for the status to be calculated by hfs
if (ctx.status === 404) {
if (5 === (counters[ctx.ip] = 1 + (counters[ctx.ip] || 0)))
api.addBlock({ ip: ctx.ip, comment: 'too many 404s' })
}
}
}
}also, this example is lacking a mechanism to reset the counter after a while, so if you make 5 errors in a month time span, you will be banned too. |
Beta Was this translation helpful? Give feedback.
-
|
Thank you! I'll give a try and let you know what worked for me |
Beta Was this translation helpful? Give feedback.
Uh oh!
There was an error while loading. Please reload this page.
Uh oh!
There was an error while loading. Please reload this page.
-
So our HFS server is running on a Ryzen 9 pc with windows server inside a datacenter. We host a 15k members community. It won't be a surprise if someone wants to "hack" our server. So today i was looking at Logs in HFS and found this interesting request from a random IP.
"/boaform/admin/formLogin"
"/CDGServer3/SystemConfig"
Is there any kind of addon that blocks a specific IP that returns 404 error more than 5 times? It's annoying to block these IP's one by one.
Also i'd like to know if this kind of attack could be dangerous or not.
Another question. How can i have HTTPS enabled if i don't have a .com domain for example. My server is hosted inside datacenter with a fixed IP. Is there any tutorial to enable HTTPS in HFS?
Thank you!
Beta Was this translation helpful? Give feedback.
All reactions