mhoyeMar 17

"we caught one" god. Luxurious.

Once again, I strongly advise you to set up fail2ban so that anyone you serve a 404 catches at least a full day ban, and if you don't care about talking to other people's services, do your best to fully block the IP ranges associated with all the major hosting companies.

https://exple.tive.org/blarg/2025/10/21/raised-shields/

https://infosec.exchange/@foobardevs/116246141464905287

Show threadAndrew ZonenbergMar 17

@mhoye a single 404 is very aggressive, all it takes is one fatfingered link in a page pointing to your site and you're banning visitors en masse.

after 5-10 404s in a row for different URLs, different story.

Show threadmhoyeMar 17
@azonenberg Nobody is fat-fingering their way to .env or backdoor .asp files.
Show threadAndrew ZonenbergMar 17

@mhoye yes i'm all for having specific poison URLs that trigger an immediate ban.

But "immediate ban on any 404 whatsoever" seems heavy handed.

Show threadPeter Bindels
@azonenberg @mhoye I have ~15 url segments that put you into everything-403 for a while. Seems to work.
Mar 17 at 10:30pmWeb