...on Mon, Jan 16, 2006 at 12:34:54PM +0100, Didier Wiroth wrote: > [Sun Jan 15 20:53:24 2006] [error] [client 69.60.121.159] File does not > exist: /htdocs/xmlsrv/xmlrpc.php > How do "you" handle these kind of attacks?
Ignoring them, mostly. It's the attack script of the month. > How or what do I have to use to dynamically block client Ips, that tries > these type of attacks? In my case, most of them seem to come from some dialup/DSL ranges with dynamic addresses, so blocking is not much use. If you're annoyed enough, you might try mod_security (if you run apache), or simply catch all access to an xmlrpc.php with a mod_rewrite rule. If you don't need it somewhere, that is. Alex.
