Hi People, Does anyone know if there's a bot network out there that tries to hack a site with POST requests?
I have a site that's being flooded with them. And I don't have a good way to stop them. The bot seems to use valid User-agents, such as: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) But also: Nutscrape/1.0 (CP/M; 8-bit) The bots slurp the site and do POST attacks on urls. Like this: 77.37.53.11 - - [04/Oct/2008:13:49:22 +1300] "POST /forward/1?page=1 HTTP/1.0" 200 49500 "-" "Nutscrape/1.0 (CP/M; 8-bit)" I'm stopping them now by detecting bad POSTs and blocking the ip address with a script, but I would like to know what kind of bot this is, so perhaps there's a mechanism to stop them before they get a chance to do something. -- Cheers, Berend de Boer --~--~---------~--~----~------------~-------~--~----~ NZ PHP Users Group: http://groups.google.com/group/nzphpug To post, send email to [email protected] To unsubscribe, send email to [EMAIL PROTECTED] -~----------~----~----~----~------~----~------~--~---
