geo/geo-coop
geo/geo-coop
7
1
Fork 0
Code Issues 55 Pull requests Projects Releases Packages Wiki Activity Actions

Block nuisance requests in order to save server resources and have cleaner logs #100

New issue
Open
opened 2020-01-06 04:17:37 +00:00 by mlncn · 1 comment
mlncn commented 2020-01-06 04:17:37 +00:00 (Migrated from gitlab.com)
Copy link

The latest annoying thing in the logs (at Eliot School) is 404s for autodiscover/autodiscover.xml which are malicious bots probing to see if we're running a blinking Microsoft Exchange e-mail server.

@wolcen we could have a special line in .htaccess or elsewhere in Apache that reads from a file (similar to what you do for redirects), that we could manually git pull sync within each project, as an MVP for this.

Notes here, but not meaningful: https://agaric.gitlab.io/raw-notes/notes/2020-01-05-block-attempts-to-probe-nonexistent-files-to-keep-them-out-of-application-logs-and-processing-time/

Posting here in a public project because i think we could get a little momentum going around this. Interestingly the place i found the most straightforward of possible (pretty bad) solutions is from an Acquia page, suggesting that maybe Wordfence for WordPress and other projects solve this more elegantly than Drupal? Or that other projects are mostly installed places where people never look at the logs, heh.

The latest annoying thing in the logs (at Eliot School) is 404s for autodiscover/autodiscover.xml which are malicious bots probing to see if we're running a blinking Microsoft Exchange e-mail server. @wolcen we could have a special line in .htaccess or elsewhere in Apache that reads from a file (similar to what you do for redirects), that we could manually `git pull` sync within each project, as an MVP for this. Notes here, but not meaningful: https://agaric.gitlab.io/raw-notes/notes/2020-01-05-block-attempts-to-probe-nonexistent-files-to-keep-them-out-of-application-logs-and-processing-time/ Posting here in a public project because i think we could get a little momentum going around this. Interestingly the place i found the most straightforward of possible (pretty bad) solutions is from an Acquia page, suggesting that maybe Wordfence for WordPress and other projects solve this more elegantly than Drupal? Or that other projects are mostly installed places where people never look at the logs, heh.
mlncn commented 2020-01-06 04:17:38 +00:00 (Migrated from gitlab.com)
Copy link

changed weight to 3

changed weight to **3**
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
main
drupal10-rebased
drupal10
master
12-comments
old-aug-left-on-local
No results found.
Labels
Clear labels   
A11y

Accessibility-related issues

  
Automated Testing

   
Contributable

Issues with work that can (potentially) be contributed back to Drupal or other FLOSS projects.

  
Contributed

Tag issues where we have contributed work back to FLOSS projects (replace Contributable tag; the Contributed tag can be removed once the contribution is recorded in a blog or something.

  
Decision

An issue that requires a decision be made.

  
Design

Issues that should include a UX/design work or review.

  
Development

   
Drutopia

Issues related to Drutopia features or infrastructure, or are potential Drutopia enhancements (with tag Contributable).

  
IndieWeb

Anything related to interlinking web sites in a broadly IndieWeb fashion, see https://indieweb.org/

  
Infrastructure

   
Launch Critical

Issue that must be done in time for launch.

  
Marketing

   
Needs documentation

When an issue has uncovered something that should be documented in a user guide or the project wiki or anywhere else outside the issue queue.

  
Post-Launch

An issue that needs to be completed, but can happen after launch.

  
status
Abandoned
An issue that has been abandoned and will not be completed.

  
status
Blocked
An issue that is blocked for a reason outside Agaric's control.

  
status
Deploy
An issue that has been tested and is ready to be deployed.

  
status
Doing

  
status
Done

  
status
In Review
An issue that has been completed and is ready for a code and/or design review.

  
status
Needs Clarification

  
status
Test
An issue that has been completed and is ready to be tested.

  
status
To Do
An issue that is an agreed priority and has all information needed to be completed.

  
type
Bug

  
type
Task

  
type
User Story

No labels
A11y
Automated Testing
Contributable
Contributed
Decision
Design
Development
Drutopia
IndieWeb
Infrastructure
Launch Critical
Marketing
Needs documentation
Post-Launch
status
Abandoned
status
Blocked
status
Deploy
status
Doing
status
Done
status
In Review
status
Needs Clarification
status
Test
status
To Do
type
Bug
type
Task
type
User Story
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: geo/geo-coop#100
No description provided.
Delete branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?